WO2022137571A1 - Authentication device, authentication method, and authentication program - Google Patents

Authentication device, authentication method, and authentication program Download PDF

Info

Publication number
WO2022137571A1
WO2022137571A1 PCT/JP2020/048990 JP2020048990W WO2022137571A1 WO 2022137571 A1 WO2022137571 A1 WO 2022137571A1 JP 2020048990 W JP2020048990 W JP 2020048990W WO 2022137571 A1 WO2022137571 A1 WO 2022137571A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
information
signal
site
biological
Prior art date
Application number
PCT/JP2020/048990
Other languages
French (fr)
Japanese (ja)
Inventor
俊 日夏
Original Assignee
三菱電機株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 三菱電機株式会社 filed Critical 三菱電機株式会社
Priority to JP2021526815A priority Critical patent/JP6983365B1/en
Priority to CN202080108030.8A priority patent/CN116601627A/en
Priority to DE112020007726.8T priority patent/DE112020007726T5/en
Priority to PCT/JP2020/048990 priority patent/WO2022137571A1/en
Publication of WO2022137571A1 publication Critical patent/WO2022137571A1/en
Priority to US18/139,729 priority patent/US20230259599A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T7/00Image analysis

Definitions

  • This disclosure relates to authentication technology using biological signals.
  • ECG Electrocardiogram
  • PPG Photoplethysmogram
  • ECG and PPG are time series signals.
  • Non-Patent Documents 1 and 2 biological signals such as ECG and PPG may be measured at various parts of the body. Using this, there is a possibility that a sensor will be installed in a place where the attacker impersonates the target person's body and the biological signal will be measured illegally. Further, since the biological signal is often treated as an electric signal, as described in Non-Patent Document 1, it is conceivable that an attacker illegally generates a biological signal and inputs it to an authentication device. Therefore, in order for authentication using biological signals to become widespread and diversified in the future, an authentication method equipped with countermeasures against spoofing attacks due to measurement of illegal biological signals and generation of illegal biological signals will be required.
  • Patent Document 1 and Non-Patent Document 3 describe authentication provided with countermeasures against spoofing attacks using information illegally generated by an attacker.
  • Patent Document 1 guarantees that the presented fingerprint was obtained from a living body (finger) rather than artificially generated by confirming that PPG can be measured from a finger before performing fingerprint authentication. It is described that the authentication is performed.
  • Non-Patent Document 3 by confirming that PPG can be measured by a camera and image processing at the same time as face recognition, the object measured by the camera for face recognition is not an artificial object such as a mask but a living body (face). It is stated that the certification is performed by guaranteeing that.
  • the spoofing attack countermeasures described in Patent Document 1 and Non-Patent Document 3 are both countermeasures added to authentication based on physical features acquired as images, such as fingerprints or faces. Therefore, countermeasures against spoofing attacks on authentication using biological signals are insufficient. In particular, no countermeasures have been taken from the viewpoint of authentication for spoofing attacks by fraudulent measurement of biological signals against a spoofing partner. It is an object of the present disclosure to make it feasible to take measures against spoofing attacks due to unauthorized measurement of biological signals.
  • the authentication device is A signal acquisition unit that acquires biological signals, An authentication information generation unit that generates different authentication information according to an individual living body from the biological signal acquired by the signal acquisition unit.
  • a site information generation unit that generates different site information from the biological signal depending on the acquisition site of the biological signal. It includes an authentication unit that performs authentication based on the authentication information generated by the authentication information generation unit and the site information generated by the site information generation unit.
  • authentication is performed using site information in addition to authentication information. As a result, it is possible to control so that authentication does not succeed when a biological signal illegally measured in a part other than the intended part is used. Therefore, it is possible to implement countermeasures against spoofing attacks due to unauthorized measurement of biological signals.
  • FIG. The flowchart of the process of the authentication apparatus 10 which concerns on Embodiment 1.
  • FIG. An explanatory diagram of site information when the biological signal according to the first embodiment is ECG.
  • An explanatory diagram of site information when the biological signal according to the first embodiment is PPG.
  • FIG. The flowchart of the process of the authentication apparatus 10 which concerns on modification 2.
  • the block diagram of the authentication apparatus 10 which concerns on Embodiment 2.
  • FIG. The flowchart of the process of the authentication apparatus 10 which concerns on Embodiment 2.
  • FIG. The flowchart of the process of the authentication apparatus 10 which concerns on Embodiment 3.
  • FIG. The flowchart of the process of the authentication apparatus 10 which concerns on Embodiment 4. The explanatory view of the physiological index which concerns on Embodiment 4.
  • the authentication device 10 is a computer.
  • the authentication device 10 is a wearable such as a smart watch, a mobile device such as a smartphone, and a stationary device installed at an entrance of a building or the like.
  • the authentication device 10 includes hardware of a processor 11, a memory 12, a sensor interface 13, a display interface 14, a communication interface 15, and an auxiliary storage device 16.
  • the processor 11 is connected to other hardware via a signal line and controls these other hardware.
  • the processor 11 is an IC (Integrated Circuit) that performs processing. Specific examples of the processor 11 are a CPU (Central Processing Unit), a DSP (Digital Signal Processor), and a GPU (Graphics Processing Unit).
  • a CPU Central Processing Unit
  • DSP Digital Signal Processor
  • GPU Graphics Processing Unit
  • the memory 12 is a storage device that temporarily stores data.
  • the memory 12 is a SRAM (Static Random Access Memory) or a DRAM (Dynamic Random Access Memory).
  • the sensor interface 13 is an interface for communicating with a sensor 31 mounted on the authentication device 10 or installed outside the authentication device 10.
  • the sensor interface 13 is a USB (Universal Serial Bus) port.
  • the sensor 31 is mounted on the authentication device 10, but the sensor 31 may be installed outside the authentication device 10.
  • the sensor 31 may be worn by the subject independently of the authentication device 10.
  • the sensor interface 13 may be provided together with the sensor 31 independently of the authentication device 10. In this case, it is connected to the sensor interface 13 via the communication interface 15.
  • the display interface 14 is an interface for communicating with a display mounted on the authentication device 10 or installed outside the authentication device 10.
  • the display interface 14 is a port of HDMI (registered trademark, High-Definition Multimedia Interface).
  • the communication interface 15 is an interface for communicating with an external device.
  • the communication interface 15 is, as a specific example, a port of Ethernet®.
  • the auxiliary storage device 16 is a storage device for storing data.
  • the auxiliary storage device 16 is an HDD (Hard Disk Drive).
  • the auxiliary storage device 16 includes an SD (registered trademark, Secure Digital) memory card, CF (CompactFlash, registered trademark), a NAND flash, a flexible disk, an optical disk, a compact disk, a Blu-ray (registered trademark) disk, and a DVD (Digital Versaille Disk). ) May be a portable recording medium.
  • the authentication device 10 includes a signal acquisition unit 21, an authentication information generation unit 22, a site information generation unit 23, and an authentication unit 24 as functional components.
  • the functions of each functional component of the authentication device 10 are realized by software.
  • the auxiliary storage device 16 stores a program that realizes the functions of each functional component of the authentication device 10. This program is read into the memory 12 by the processor 11 and executed by the processor 11. As a result, the functions of each functional component of the authentication device 10 are realized.
  • processors 11 In FIG. 1, only one processor 11 was shown. However, the number of processors 11 may be plural, and the plurality of processors 11 may execute programs that realize each function in cooperation with each other.
  • the operation of the authentication device 10 according to the first embodiment will be described with reference to FIGS. 2 to 5.
  • the operation procedure of the authentication device 10 according to the first embodiment corresponds to the authentication method according to the first embodiment.
  • the program that realizes the operation of the authentication device 10 according to the first embodiment corresponds to the authentication program according to the first embodiment.
  • Step S101 Signal acquisition process
  • the signal acquisition unit 21 acquires the biological signal of the subject from the sensor 31 connected via the sensor interface 13.
  • Specific examples of the biological signals include time-series signals such as ECG obtained by measuring the electrical activity of the heart and PPG obtained by optically measuring the behavior of blood vessels associated with the heartbeat.
  • biological signals are not limited to these.
  • the signal acquisition unit 21 writes the biological signal to the memory 12.
  • Step S102 Authentication information generation process
  • the authentication information generation unit 22 generates different authentication information according to the individual of the living body from the biological signal acquired in step S101. Specifically, the authentication information generation unit 22 reads the biological signal from the memory 12. The authentication information generation unit 22 generates authentication information by a method of generating a waveform of a biological signal as authentication information, or extracting a feature amount from the biological signal and using the feature amount as authentication information. As long as the authentication information differs depending on the individual living body, the method of generating the authentication information is not limited. The authentication information generation unit 22 writes the authentication information in the memory 12.
  • Step S103 Part information generation process
  • the site information generation unit 23 generates different site information from the biological signal acquired in step S101 according to the acquisition site of the biological signal even for the same individual. Specifically, the site information generation unit 23 reads the biological signal from the memory 12. The site information generation unit 23 generates a waveform of a biological signal as site information, or extracts a feature amount from the biological signal and uses the feature amount as site information, as in the method of generating authentication information. Generate information. However, the site information needs to be different depending on the site where the biological signal is acquired. As long as the site information differs depending on the site where the biological signal is acquired, the method for generating the site information is not limited. The site information generation unit 23 writes the site information to the memory 12.
  • FIG. 3 shows an example in which ECG waveforms measured at a plurality of locations are superimposed and compared. Specifically, FIG. 3 shows an ECG waveform measured by the wrist and an ECG waveform measured by the palm of the same individual. As shown in FIG. 3, it can be seen that even in the same individual, there is a difference between the maximum value and the time when the maximum value appears. Therefore, it is conceivable to use the maximum value in the ECG waveform and the time when the maximum value appears as site information.
  • FIG. 4 shows an example in which PPG waveforms measured at a plurality of locations are superimposed and compared. Specifically, FIG. 4 shows a PPG waveform measured by a finger and a PPG waveform measured by a forehead for the same individual. As shown in FIG. 4, it can be seen that even in the same individual, there is a difference between the time when the first maximum value appears and the two maximum values. Therefore, it is conceivable to use the maximum value in the PPG waveform and the time when the maximum value appears as site information.
  • Step S104 First authentication process
  • the authentication unit 24 compares the authentication information generated in step S102 with the authentication standard information stored in the auxiliary storage device 16 in advance, and determines whether the first authentication is successful or unsuccessful. Specifically, the authentication unit 24 has the authentication information generated in step S102 and the authentication standard information having a similarity of the first threshold value or more, or the authentication information generated in step S102 and the authentication standard information. It is determined whether or not the condition that the difference between the and is within the allowable value is satisfied. If the condition is satisfied, the authentication unit 24 determines that the first authentication has succeeded, and if the condition is not satisfied, determines that the first authentication has failed. If it is determined that the first authentication is successful, the authentication unit 24 advances the process to step S105. On the other hand, if it is determined that the first authentication has failed, the authentication unit 24 determines that the authentication has failed and ends the process. If it is determined that the first authentication has failed, the process may be returned to step S101 and the authentication process may be redone.
  • Step S105 Second authentication process
  • the authentication unit 24 compares the site information generated in step S103 with the site reference information stored in the auxiliary storage device 16 in advance, and determines whether the second authentication succeeds or fails. Specifically, the authentication unit 24 has the site information generated in step S103 and the site reference information having a similarity of the second threshold value or more, or the site information generated in step S103 and the site reference information. It is determined whether or not the condition that the difference between the and is within the allowable value is satisfied. If the condition is satisfied, the authentication unit 24 determines that the second authentication has succeeded, and if the condition is not satisfied, determines that the second authentication has failed. If it is determined that the second authentication is successful, the authentication unit 24 considers the authentication successful and ends the process. On the other hand, if it is determined that the second authentication has failed, the authentication unit 24 determines that the authentication has failed and ends the process. If it is determined that the second authentication has failed, the process may be returned to step S101 and the authentication process may be redone.
  • step S104 it was explained that the authentication standard information was stored in the auxiliary storage device 16 in advance. Further, in step S105, it was explained that the site reference information was stored in the auxiliary storage device 16 in advance.
  • the processes from step S101 to step S103 are executed, the authentication information generated in step S102 is stored as authentication reference information, and the site information generated in step S103 is stored as site reference information.
  • Authentication information and site information may change over the years. Therefore, when a certain period of time has passed, the authentication standard information and the site standard information may be reacquired.
  • FIG. 5 shows a case where the feature amount is used as the authentication standard information and the site standard information.
  • step S102 and step S103 and the execution order of step S104 and step S105 are not limited to the order shown in FIG. 2, and may be interchanged.
  • the authentication device 10 authenticates using the site information in addition to the authentication information. As a result, it is possible to control so that authentication does not succeed when a biological signal illegally measured at a site other than the intended site is used. Therefore, it is possible to implement countermeasures against spoofing attacks due to unauthorized measurement of biological signals.
  • the number of sensors 31 is not particularly limited. Authentication information and site information may be generated from a single biological signal measured by a single sensor, or authentication information and site information may be generated from a plurality of biological signals measured by a plurality of sensors. .. Further, the signal acquisition unit 21 may control the sensor 31 via the sensor interface 13 to switch between a biological signal for generating authentication information and a biological signal for generating site information. For example, the signal acquisition unit 21 may switch the sensor 31 to be used or change the set value required for the operation of the sensor 31. In this case, the authentication information generation unit 22 generates the authentication information from the biological signal for generating the authentication information, and the site information generation unit 23 generates the site information from the biological signal for generating the site information. ..
  • ⁇ Modification 2> if the first authentication based on the authentication information and the second authentication based on the site information are successful once, the authentication is successful. However, if the first authentication based on the authentication information and the second authentication based on the site information are successful a plurality of times in succession, the authentication may be successful.
  • step S111 to step S115 is the same as the process from step S101 to step S105 in FIG.
  • step S115 if it is determined that the second authentication is successful, the authentication unit 24 advances the process to step S116.
  • Step S116 Continuation determination process
  • the authentication unit 24 determines whether or not the number of successful first and second authentications has reached the reference number of times. When the number of successes reaches the reference number, the authentication unit 24 considers the authentication to be successful and ends the process. On the other hand, if the number of successes has not reached the reference number, the authentication unit 24 returns the process to step S111.
  • the authentication unit 24 may determine whether or not the site information is the site information for the same site as the site information generated for the first time. Then, if the condition is satisfied and the site information is the site information about the same site as the site information generated for the first time, the authentication unit 24 may determine that the second authentication has been successful. As a result, if the measurement site is changed during the process, the authentication may fail. That is, if the sensor moves in the middle of the process, the authentication may fail.
  • each functional component is realized by software.
  • each functional component may be realized by hardware. The difference between the first modification and the first embodiment will be described.
  • the authentication device 10 When each functional component is implemented in hardware, the authentication device 10 includes an electronic circuit instead of the processor 11, the memory 12, and the auxiliary storage device 16.
  • the electronic circuit is a dedicated circuit that realizes the functions of each functional component, the memory 12, and the auxiliary storage device 16.
  • each functional component may be realized by one electronic circuit, or each functional component may be distributed and realized by a plurality of electronic circuits.
  • Modification example 4 As a modification 4, some functional components may be realized by hardware, and other functional components may be realized by software.
  • the processor 11, the memory 12, the auxiliary storage device 16, and the electronic circuit are called processing circuits. That is, the function of each functional component is realized by the processing circuit.
  • Embodiment 2 is different from the first embodiment in that at least one of authentication information and site information is generated from a composite signal generated by performing an operation by inputting a plurality of biological signals acquired from a plurality of sensors 31. .. In the second embodiment, these different points will be described, and the same points will be omitted. In the second embodiment, a case where both the authentication information and the site information are generated from the composite signal will be described.
  • the configuration of the authentication device 10 according to the second embodiment will be described with reference to FIG. 7.
  • the authentication device 10 differs from the authentication device 10 shown in FIG. 1 in that the authentication device 10 includes a signal calculation unit 25 as a functional component.
  • the signal calculation unit 25 is realized by software or hardware like other functional components.
  • the authentication device 10 is different from the authentication device 10 shown in FIG. 1 in that the processor 11 is connected to a plurality of sensors 31 via the sensor interface 13.
  • Each sensor 31 may be a sensor having the same specifications or may be a sensor having different specifications.
  • the operation of the authentication device 10 according to the second embodiment will be described with reference to FIGS. 8 and 9.
  • the operation procedure of the authentication device 10 according to the second embodiment corresponds to the authentication method according to the second embodiment.
  • the program that realizes the operation of the authentication device 10 according to the second embodiment corresponds to the authentication program according to the second embodiment.
  • step S206 to step S207 is the same as the process from step S104 to step S105 in FIG.
  • Step S201 Calculation method determination process
  • the signal calculation unit 25 determines a calculation method for calculating a composite signal.
  • the calculation method is addition or subtraction of a plurality of biological signals.
  • the calculation method is not limited to this.
  • the signal calculation unit 25 determines the calculation method by a method such as accepting a designation of the calculation method from a target person or the like and reading a preset calculation method.
  • Step S202 Signal acquisition process
  • the signal acquisition unit 21 acquires a plurality of biological signals of the subject from the plurality of sensors 31 connected via the sensor interface 13.
  • the signal acquisition unit 21 writes a plurality of biological signals to the memory 12.
  • Step S203 Signal calculation processing
  • the signal calculation unit 25 receives a plurality of biological signals acquired in step S202 as inputs, performs calculations by the calculation method determined in step S201, and generates a composite signal.
  • the signal calculation unit 25 writes the composite signal to the memory 12.
  • FIG. 9 shows an example in which PPG is measured by two sensors 31 and the obtained PPGs are calculated with each other.
  • PPG is measured by irradiating a blood vessel with light from a light source and acquiring reflected light or transmitted light obtained by a light receiving unit.
  • the waveform of PPG is different depending on the wavelength (color) of the light source.
  • the depth at which light can reach in a living body differs depending on the wavelength. Therefore, for example, as shown in FIG. 9, it is considered that only deep information can be extracted by calculating the difference between the biological signal obtained by green light and the biological signal obtained by infrared light. It is considered that the composite signal obtained by the calculation between each biological signal is more difficult to artificially generate than the single biological signal.
  • Step S204 Authentication information generation process
  • the authentication information generation unit 22 generates authentication information from the composite signal generated in step S203.
  • the method of generating the authentication information is the same as that of the first embodiment except that a composite signal is input instead of the biological signal.
  • the authentication information generation unit 22 writes the authentication information in the memory 12.
  • Step S205 Part information generation process
  • the site information generation unit 23 generates site information from the composite signal generated in step S203.
  • the method of generating the site information is the same as that of the first embodiment except that a composite signal is input instead of the biological signal.
  • the site information generation unit 23 writes the site information to the memory 12.
  • step S201 to step S205 are executed, the authentication information generated in step S204 is stored as authentication reference information, and the site information generated in step S205 is stored as site reference information. Similar to the first embodiment, the certification standard information and the site standard information may be reacquired after a certain period of time has passed.
  • step S204 and step S205 and the execution order of step S206 and step S207 are not limited to the order shown in FIG. 2, and may be interchanged.
  • the authentication device 10 generates at least one of authentication information and site information from a composite signal obtained by calculation from a plurality of biological signals.
  • Composite signals are considered to be more difficult to artificially generate than single biological signals. Therefore, it is possible to realize better countermeasures against spoofing attacks due to illegal measurement of biological signals.
  • step S211 to step S217 is the same as the process from step S201 to step S207 in FIG.
  • step S207 if it is determined that the second authentication is successful, the authentication unit 24 advances the process to step S218.
  • Step S218 Continuation determination process
  • the authentication unit 24 determines whether or not the number of successful first and second authentications has reached the reference number of times. When the number of successes reaches the reference number, the authentication unit 24 considers the authentication to be successful and ends the process. On the other hand, if the number of successes has not reached the reference number, the authentication unit 24 returns the process to step S211.
  • the authentication unit 24 may determine whether or not the site information is the site information for the same site as the site information generated for the first time. good. Then, if the condition is satisfied and the site information is the site information about the same site as the site information generated for the first time, the authentication unit 24 may determine that the second authentication has been successful. Further, in step S211 the calculation method may be changed each time so as not to be observed by an attacker, and a composite signal may be generated by a different calculation method each time. This makes it possible to further increase the difficulty of spoofing attacks.
  • Embodiment 3 is different from the first embodiment in that the biological signal corresponding to the sensor control information is acquired by giving the sensor control information to the sensor 31 and then acquiring the biological signal. In the third embodiment, these different points will be described, and the same points will be omitted.
  • the configuration of the authentication device 10 according to the third embodiment will be described with reference to FIG.
  • the authentication device 10 differs from the authentication device 10 shown in FIG. 1 in that the processor 11 is connected to a plurality of sensors 31 via the sensor interface 13. Each sensor 31 is controlled by the sensor control information given from the processor 11. Although the case where a plurality of sensors 31 are used will be described here, the authentication device 10 may use a single sensor 31 to acquire different biological signals according to the sensor control information.
  • the operation of the authentication device 10 according to the third embodiment will be described with reference to FIGS. 12 and 14.
  • the operation procedure of the authentication device 10 according to the third embodiment corresponds to the authentication method according to the third embodiment.
  • the program that realizes the operation of the authentication device 10 according to the third embodiment corresponds to the authentication program according to the third embodiment.
  • step S303 to step S304 is the same as the process from step S102 to step S103 in FIG.
  • Step S301 Control information determination process
  • the signal acquisition unit 21 determines the sensor control information.
  • the sensor control information is information indicating which sensor 31 is used among the plurality of sensors 31, and setting information of the wavelength (color) of the light source included in the optical sensor.
  • the sensor control information is not limited to this.
  • the signal acquisition unit 21 determines the sensor control information by a method of accepting the designation of the sensor control information from the target person or the like and reading out the preset sensor control information.
  • a method of setting in advance it is conceivable to determine the sensor control information to be used according to the time. For example, a method of deciding to use a green light source before time t1 and to use an infrared light source after time t1 can be considered.
  • it is conceivable to randomly determine the order of use of control information in advance For example, a method of deciding to use a green light source and a red light source alternately can be considered.
  • Step S302 Signal acquisition process
  • the signal acquisition unit 21 acquires a biological signal corresponding to the sensor control information determined in step S301 from the sensor 31 connected via the sensor interface 13. Specifically, the signal acquisition unit 21 controls the sensor 31 by the sensor control information determined in step S301, and then acquires the biological signal from the sensor 31. The signal acquisition unit 21 writes the biological signal to the memory 12.
  • Step S305 First authentication process
  • the authentication unit 24 performs the first authentication using the standard according to the sensor control information determined in step S301. Specifically, the authentication unit 24 compares the authentication information generated in step S303 with the authentication standard information stored in the auxiliary storage device 16 in advance and corresponding to the sensor control information. Then, it is determined whether the first authentication is successful or unsuccessful. At this time, the authentication unit 24 determines whether or not the first authentication is successful or unsuccessful by determining whether or not the conditions corresponding to the sensor control information are satisfied. If it is determined that the first authentication is successful, the authentication unit 24 advances the process to step S306. On the other hand, if it is determined that the first authentication has failed, the authentication unit 24 determines that the authentication has failed and ends the process. If it is determined that the first authentication has failed, the process may be returned to step S301 and the authentication process may be redone.
  • Step S306 Second authentication process
  • the authentication unit 24 performs the second authentication using the standard according to the sensor control information determined in step S301. Specifically, the authentication unit 24 compares the site information generated in step S304 with the site reference information stored in the auxiliary storage device 16 in advance and corresponding to the sensor control information. Then, it is determined whether the second authentication is successful or unsuccessful. At this time, the authentication unit 24 determines whether the second authentication is successful or unsuccessful by determining whether or not the conditions corresponding to the sensor control information are satisfied. If it is determined that the second authentication is successful, the authentication unit 24 considers the authentication successful and ends the process. On the other hand, if it is determined that the second authentication has failed, the authentication unit 24 determines that the authentication has failed and ends the process. If it is determined that the second authentication has failed, the process may be returned to step S301 and the authentication process may be redone.
  • step S301 to step S304 are executed, the authentication information generated in step S303 is stored as authentication reference information, and the site information generated in step S304 is stored as site reference information.
  • the processes from step S301 to step S304 are executed for each sensor control information used, and the authentication reference information and the site reference information corresponding to each sensor control information are stored.
  • FIGS. 13 and 14 authentication reference information and site reference information are stored together with the measurement date and time of the biological signal for each sensor control information for one subject.
  • FIG. 13 shows an example in which the sensor 31 to be used is changed according to the sensor control information.
  • FIG. 14 shows an example in which the light source is changed according to the sensor control information.
  • FIGS. 13 and 14 show a case where the feature amount is used as the authentication standard information and the site reference information.
  • the authentication standard information and the site reference information when the sensor 1 is used and when the sensor 2 is used are stored for each target person.
  • the authentication standard information and the site standard information when the light source is green and when the light source is red are stored for each target person.
  • step S303 and step S304 and the execution order of step S305 and step S306 are not limited to the order shown in FIG. 2, and may be interchanged.
  • the authentication device 10 acquires a biological signal corresponding to the sensor control information.
  • PPG is measured by using a light source such as green and infrared light together with a photodetector, but the waveform measured by the wavelength of the light source is different. Therefore, by changing the wavelength of the light source, different information can be obtained as authentication information and site information.
  • Sensor control information cannot be observed from the attacker. For example, an attacker cannot observe the type of light source used as control information or the sensor 31 used. Therefore, spoofing attacks by measuring or generating biological signals used for authentication are impossible, or the difficulty level is higher than in the case of the first embodiment.
  • step S311 to step S316 is the same as the process from step S301 to step S306 in FIG. However, in step S306, if it is determined that the second authentication is successful, the authentication unit 24 advances the process to step S317.
  • Step S317 Continuation determination process
  • the authentication unit 24 determines whether or not the number of successful first and second authentications has reached the reference number of times. When the number of successes reaches the reference number, the authentication unit 24 considers the authentication to be successful and ends the process. On the other hand, if the number of successes has not reached the reference number, the authentication unit 24 returns the process to step S311.
  • the authentication unit 24 may determine whether or not the site information is the site information for the same site as the site information generated for the first time. good. Then, if the condition is satisfied and the site information is the site information about the same site as the site information generated for the first time, the authentication unit 24 may determine that the second authentication has been successful. Further, in step S311, the sensor control information may be changed each time. This makes it possible to further increase the difficulty of spoofing attacks.
  • Embodiment 4 differs from the first embodiment in that authentication is performed using physiological indicators such as heart rate and respiratory rate, which are specified by using a plurality of methods such as an optical method and an electrical method.
  • physiological indicators such as heart rate and respiratory rate
  • the fourth embodiment explains these different points, and omits the description of the same points.
  • the configuration of the authentication device 10 according to the fourth embodiment will be described with reference to FIG.
  • the authentication device 10 differs from the authentication device 10 shown in FIG. 1 in that the authentication device 10 includes a physiological index generation unit 26 as a functional component.
  • the physiological index generation unit 26 is realized by software or hardware like other functional components.
  • the authentication device 10 is different from the authentication device 10 shown in FIG. 1 in that the processor 11 is connected to a plurality of sensors 31 via the sensor interface 13. As the plurality of sensors 31, sensors that measure different physical quantities, such as an optical sensor and a vibration sensor, are used.
  • the operation of the authentication device 10 according to the fourth embodiment will be described with reference to FIGS. 17 to 19.
  • the operation procedure of the authentication device 10 according to the fourth embodiment corresponds to the authentication method according to the fourth embodiment.
  • the program that realizes the operation of the authentication device 10 according to the fourth embodiment corresponds to the authentication program according to the fourth embodiment.
  • step S402 to step S403 is the same as the process from step S102 to step S103 in FIG.
  • the process from step S405 to step S406 is the same as the process from step S104 to step S105 in FIG.
  • step S406 if it is determined that the second authentication is successful, the process proceeds to step S407 instead of making the authentication successful.
  • Step S401 Signal acquisition process
  • the signal acquisition unit 21 acquires a plurality of biological signals of the subject from the plurality of sensors 31 connected via the sensor interface 13.
  • the signal acquisition unit 21 writes a plurality of biological signals to the memory 12.
  • step S402 the authentication information may be generated from any one biological signal, or the authentication information may be generated from a plurality of biological signals.
  • step S403 the site information may be generated from any one biological signal, or the site information may be generated from a plurality of biological signals.
  • authentication information and site information may be generated by using another biological signal.
  • Step S404 Physiological index generation process
  • the physiological index generation unit 26 generates a physiological index related to the same physiology from each of the plurality of biological signals acquired in step S401.
  • the physiological index generation unit 26 writes the physiological index generated from each biological signal into the memory 12.
  • the PPG of the subject is measured by the PPG measurement sensor, and the minute vibration of the subject is measured by a vibration measurement sensor such as a piezoelectric element.
  • physiological indexes such as heart rate and respiratory rate can be obtained from PPG.
  • physiological indexes such as heart rate and respiratory rate can be obtained from minute vibrations obtained by a vibration measurement sensor. Therefore, it is conceivable that the physiological index generation unit 26 generates the heart rate as a physiological index from each of PPG and minute vibration, for example.
  • Step S407 Third authentication process
  • the authentication unit 24 compares the physiological indexes generated from each of the plurality of biological signals, and determines whether the third authentication is successful or unsuccessful. Specifically, in the authentication unit 24, the similarity of the physiological indicators generated from each of the plurality of biological signals is equal to or higher than the third threshold value, or the difference between the physiological indicators generated from each of the plurality of biological signals is an allowable value. It is determined whether or not the condition such as within is satisfied. If the condition is satisfied, the authentication unit 24 determines that the third authentication has succeeded, and if the condition is not satisfied, determines that the third authentication has failed. If it is determined that the third authentication is successful, the authentication unit 24 considers the authentication successful and ends the process. On the other hand, if it is determined that the third authentication has failed, the authentication unit 24 determines that the authentication has failed and ends the process. If it is determined that the third authentication has failed, the process may be returned to step S401 and the authentication process may be redone.
  • a condition for determining whether the third authentication succeeds or fails a condition such as whether the difference between the physiological index generated from each of a plurality of biological signals and the reference value of the physiological index is within the allowable value is included. You may. In this case, as shown in FIG. 19, it is necessary to store the reference value of the physiological index in addition to the authentication reference information and the site reference information as a premise for performing the process shown in FIG. Specifically, the processes from step S401 to step S404 are executed, and the average value or the like of the physiological index generated in step S404 is stored as the reference value of the physiological index.
  • step S402 to step S404 and the execution order from step S405 to step S407 are not limited to the order shown in FIG. 17, and may be interchanged.
  • the authentication device 10 performs authentication using a physiological index in addition to the authentication information and the site information. This makes it possible to guarantee to some extent that the object to be measured is a living body. Further, since different physical quantities are measured by the plurality of sensors 31, the labor and difficulty of artificial signal generation become high, and as a result, the difficulty of spoofing attack becomes high.
  • step S411 to step S417 is the same as the process from step S401 to step S407 in FIG. However, in step S407, if it is determined that the third authentication is successful, the authentication unit 24 proceeds to step S418.
  • Step S418 Continuation determination process
  • the authentication unit 24 determines whether or not the number of successes of the first authentication, the second authentication, and the third authentication has reached the reference number of times. When the number of successes reaches the reference number, the authentication unit 24 considers the authentication to be successful and ends the process. On the other hand, if the number of successes has not reached the reference number, the authentication unit 24 returns the process to step S411.
  • the authentication unit 24 may determine whether or not the site information is the site information for the same site as the site information generated for the first time. good. Then, if the condition is satisfied and the site information is the site information about the same site as the site information generated for the first time, the authentication unit 24 may determine that the second authentication has been successful.
  • 10 authentication device 11 processor, 12 memory, 13 sensor interface, 14 display interface, 15 communication interface, 16 auxiliary storage device, 21 signal acquisition unit, 22 authentication information generation unit, 23 part information generation unit, 24 authentication unit, 25 Signal calculation unit, 26 physiological index generation unit, 31 sensor.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)

Abstract

This signal acquisition unit (21) acquires a biological signal. An authentication information generation unit (22) generates, from the biological signal acquired by the signal acquisition unit (21), authentication information that differs in accordance with the entity of a living organism. A region information generation unit (23) generates, from the biological signal acquired by the signal acquisition unit (21), region information that differs, even with the same entity, in accordance with the acquired region of the biological signal. An authentication unit (24) performs authentication on the basis of the authentication information generated by the authentication information generation unit (22) and the region information generated by the region information generation unit (23).

Description

認証装置、認証方法及び認証プログラムAuthentication device, authentication method and authentication program
 本開示は、生体信号を用いた認証技術に関する。 This disclosure relates to authentication technology using biological signals.
 IoT(Internet of Things)の発展により、対象者を認証する場面及び装置が多様化している。顔認証又は指紋認証に代表される、画像として計測できる身体的特徴を用いる生体認証は、パスワード認証等と比べると対象者の負担が少ない。そのため、生体認証は、スマートフォン及びスマートウォッチといったデバイスとともに普及している。
 身体的特徴として、近年では、心臓の電気的活動の計測により得られる生体信号である心電図(以下、ECG:Electrocardiogram)を認証に利用する試みが進んでいる。国によってはECGによる認証デバイスの実用化が進んでいる。また、心拍に伴う血管の挙動を光学的に計測して得られる生体信号である光電容積脈波(以下、PPG:Photoplethysmogram)を認証に利用する研究も行われている。ここで、ECG及びPPGは、時系列信号である。 With the development of IoT (Internet of Things), the scenes and devices for authenticating the target person are diversifying. Biometric authentication using physical features that can be measured as an image, such as face authentication or fingerprint authentication, has less burden on the subject than password authentication or the like. Therefore, biometric authentication has become widespread along with devices such as smartphones and smart watches.
As a physical feature, in recent years, attempts have been made to use an electrocardiogram (hereinafter referred to as ECG: Electrocardiogram), which is a biological signal obtained by measuring the electrical activity of the heart, for authentication. In some countries, ECG authentication devices are being put into practical use. Research is also being conducted on the use of photoelectric volume pulse waves (hereinafter, PPG: Photoplethysmogram), which are biological signals obtained by optically measuring the behavior of blood vessels associated with heartbeat, for authentication. Here, ECG and PPG are time series signals.
 非特許文献1,2に記載されたように、ECG及びPPGといった生体信号は身体上の様々な部位で計測できる場合がある。これを利用して、攻撃者がなりすましたい対象者の身体に触れる場所にセンサを設置して、生体信号の計測を不正に行う可能性がある。また、生体信号は電気信号として扱うことが多いため、非特許文献1に記載されたように、攻撃者が不正に生体信号を生成し、認証デバイスに入力する攻撃が考えられる。
 したがって、今後生体信号を用いた認証が普及し多様化するにあたって、不正な生体信号の計測及び不正な生体信号の生成によるなりすまし攻撃に対する対策を備えた認証手法が必要になる。 As described in Non-Patent Documents 1 and 2, biological signals such as ECG and PPG may be measured at various parts of the body. Using this, there is a possibility that a sensor will be installed in a place where the attacker impersonates the target person's body and the biological signal will be measured illegally. Further, since the biological signal is often treated as an electric signal, as described in Non-Patent Document 1, it is conceivable that an attacker illegally generates a biological signal and inputs it to an authentication device.
Therefore, in order for authentication using biological signals to become widespread and diversified in the future, an authentication method equipped with countermeasures against spoofing attacks due to measurement of illegal biological signals and generation of illegal biological signals will be required.
 特許文献1及び非特許文献3には、攻撃者が不正に生成した情報によるなりすまし攻撃への対策を備えた認証について記載されている。
 特許文献1には、指紋認証を行う前に、指からPPGを計測できることを確認することにより、提示された指紋が人工的に生成されたものではなく生体(指)から取得されたことを保証して認証を行うことが記載されている。
 非特許文献3には、顔認証と同時にカメラ及び画像処理によりPPGを計測できることを確認することによって、カメラが顔認証用に計測している対象がマスクといった人工物ではなく生体(顔)であることを保証して認証を行うことが記載されている。 Patent Document 1 and Non-Patent Document 3 describe authentication provided with countermeasures against spoofing attacks using information illegally generated by an attacker.
Patent Document 1 guarantees that the presented fingerprint was obtained from a living body (finger) rather than artificially generated by confirming that PPG can be measured from a finger before performing fingerprint authentication. It is described that the authentication is performed.
In Non-Patent Document 3, by confirming that PPG can be measured by a camera and image processing at the same time as face recognition, the object measured by the camera for face recognition is not an artificial object such as a mask but a living body (face). It is stated that the certification is performed by guaranteeing that.
特開2020-093114号公報Japanese Unexamined Patent Publication No. 2020-093114
 特許文献1及び非特許文献3に記載されたなりすまし攻撃対策は、いずれも指紋又は顔のように、画像として取得される身体的特徴による認証に追加する対策である。そのため、生体信号を利用した認証へのなりすまし攻撃に対する対策は不十分である。特に、なりすましたい相手に対する生体信号の不正計測によるなりすまし攻撃については、認証の観点での対策はなされていない。
 本開示は、生体信号の不正計測によるなりすまし攻撃への対策を実現可能にすることを目的とする。 The spoofing attack countermeasures described in Patent Document 1 and Non-Patent Document 3 are both countermeasures added to authentication based on physical features acquired as images, such as fingerprints or faces. Therefore, countermeasures against spoofing attacks on authentication using biological signals are insufficient. In particular, no countermeasures have been taken from the viewpoint of authentication for spoofing attacks by fraudulent measurement of biological signals against a spoofing partner.
It is an object of the present disclosure to make it feasible to take measures against spoofing attacks due to unauthorized measurement of biological signals.
 本開示に係る認証装置は、
 生体信号を取得する信号取得部と、
 前記信号取得部によって取得された前記生体信号から、生体の個体に応じて異なる認証情報を生成する認証情報生成部と、
 前記生体信号から、前記生体信号の取得部位に応じて異なる部位情報を生成する部位情報生成部と、
 前記認証情報生成部によって生成された前記認証情報と、前記部位情報生成部によって生成された前記部位情報とに基づき、認証を行う認証部と
を備える。 The authentication device according to this disclosure is
A signal acquisition unit that acquires biological signals,
An authentication information generation unit that generates different authentication information according to an individual living body from the biological signal acquired by the signal acquisition unit.
A site information generation unit that generates different site information from the biological signal depending on the acquisition site of the biological signal.
It includes an authentication unit that performs authentication based on the authentication information generated by the authentication information generation unit and the site information generated by the site information generation unit.
 本開示では、認証情報に加え、部位情報を用いて認証を行う。これにより、意図した部位以外で不正に計測された生体信号を用いた場合に、認証が成功しないように制御可能である。そのため、生体信号の不正計測によるなりすまし攻撃への対策を実現可能である。 In this disclosure, authentication is performed using site information in addition to authentication information. As a result, it is possible to control so that authentication does not succeed when a biological signal illegally measured in a part other than the intended part is used. Therefore, it is possible to implement countermeasures against spoofing attacks due to unauthorized measurement of biological signals.
実施の形態1に係る認証装置10の構成図。The block diagram of the authentication apparatus 10 which concerns on Embodiment 1. FIG. 実施の形態1に係る認証装置10の処理のフローチャート。The flowchart of the process of the authentication apparatus 10 which concerns on Embodiment 1. FIG. 実施の形態1に係る生体信号がECGの場合における部位情報の説明図。An explanatory diagram of site information when the biological signal according to the first embodiment is ECG. 実施の形態1に係る生体信号がPPGの場合における部位情報の説明図。An explanatory diagram of site information when the biological signal according to the first embodiment is PPG. 実施の形態1に係る認証基準情報及び部位基準情報の説明図。Explanatory drawing of authentication standard information and site standard information which concerns on Embodiment 1. FIG. 変形例2に係る認証装置10の処理のフローチャート。The flowchart of the process of the authentication apparatus 10 which concerns on modification 2. 実施の形態2に係る認証装置10の構成図。The block diagram of the authentication apparatus 10 which concerns on Embodiment 2. FIG. 実施の形態2に係る認証装置10の処理のフローチャート。The flowchart of the process of the authentication apparatus 10 which concerns on Embodiment 2. 実施の形態2に係る複合信号の説明図。The explanatory view of the composite signal which concerns on Embodiment 2. 変形例5に係る認証装置10の処理のフローチャート。The flowchart of the process of the authentication apparatus 10 which concerns on modification 5. 実施の形態3に係る認証装置10の構成図。The block diagram of the authentication apparatus 10 which concerns on Embodiment 3. FIG. 実施の形態3に係る認証装置10の処理のフローチャート。The flowchart of the process of the authentication apparatus 10 which concerns on Embodiment 3. 実施の形態3に係る認証基準情報及び部位基準情報の説明図。Explanatory drawing of authentication standard information and site standard information which concerns on Embodiment 3. 実施の形態3に係る認証基準情報及び部位基準情報の説明図。Explanatory drawing of authentication standard information and site standard information which concerns on Embodiment 3. 変形例6に係る認証装置10の処理のフローチャート。The flowchart of the process of the authentication apparatus 10 which concerns on modification 6. 実施の形態4に係る認証装置10の構成図。The block diagram of the authentication apparatus 10 which concerns on Embodiment 4. FIG. 実施の形態4に係る認証装置10の処理のフローチャート。The flowchart of the process of the authentication apparatus 10 which concerns on Embodiment 4. 実施の形態4に係る生理指標の説明図。The explanatory view of the physiological index which concerns on Embodiment 4. 実施の形態4に係る認証基準情報と部位基準情報と生理指標の基準値との説明図。An explanatory diagram of the authentication standard information, the site standard information, and the reference value of the physiological index according to the fourth embodiment. 変形例7に係る認証装置10の処理のフローチャート。The flowchart of the process of the authentication apparatus 10 which concerns on modification 7.
 実施の形態1.
 ***構成の説明***
 図1を参照して、実施の形態1に係る認証装置10の構成を説明する。
 認証装置10は、コンピュータである。具体例としては、認証装置10は、スマートウォッチのようなウェアラブルと、スマートフォンのようなモバイル機器と、建物の入り口等に設置される設置型機器とである。 Embodiment 1.
*** Explanation of configuration ***
The configuration of the authentication device 10 according to the first embodiment will be described with reference to FIG.
The authentication device 10 is a computer. As a specific example, the authentication device 10 is a wearable such as a smart watch, a mobile device such as a smartphone, and a stationary device installed at an entrance of a building or the like.
 認証装置10は、プロセッサ11と、メモリ12と、センサインタフェース13と、表示器インタフェース14と、通信インタフェース15と、補助記憶装置16とのハードウェアを備える。プロセッサ11は、信号線を介して他のハードウェアと接続され、これら他のハードウェアを制御する。 The authentication device 10 includes hardware of a processor 11, a memory 12, a sensor interface 13, a display interface 14, a communication interface 15, and an auxiliary storage device 16. The processor 11 is connected to other hardware via a signal line and controls these other hardware.
 プロセッサ11は、プロセッシングを行うIC(Integrated Circuit)である。プロセッサ11は、具体例としては、CPU(Central Processing Unit)、DSP(Digital Signal Processor)、GPU(Graphics Processing Unit)である。 The processor 11 is an IC (Integrated Circuit) that performs processing. Specific examples of the processor 11 are a CPU (Central Processing Unit), a DSP (Digital Signal Processor), and a GPU (Graphics Processing Unit).
 メモリ12は、データを一時的に記憶する記憶装置である。メモリ12は、具体例としては、SRAM(Static Random Access Memory)、DRAM(Dynamic Random Access Memory)である。 The memory 12 is a storage device that temporarily stores data. As a specific example, the memory 12 is a SRAM (Static Random Access Memory) or a DRAM (Dynamic Random Access Memory).
 センサインタフェース13は、認証装置10に搭載された、あるいは、認証装置10の外部に設置されたセンサ31と通信するためのインタフェースである。センサインタフェース13は、具体例としては、USB(Universal Serial Bus)のポートである。
 図1では、センサ31は、認証装置10に搭載されているが、センサ31は認証装置10の外部に設置されていてもよい。例えば、センサ31は、認証装置10とは独立して対象者が装着する形態が考えられる。また、センサインタフェース13についても、センサ31とともに認証装置10とは独立して設けられる形態も考えられる。この場合には、通信インタフェース15を介して、センサインタフェース13に接続される。 The sensor interface 13 is an interface for communicating with a sensor 31 mounted on the authentication device 10 or installed outside the authentication device 10. As a specific example, the sensor interface 13 is a USB (Universal Serial Bus) port.
In FIG. 1, the sensor 31 is mounted on the authentication device 10, but the sensor 31 may be installed outside the authentication device 10. For example, the sensor 31 may be worn by the subject independently of the authentication device 10. Further, the sensor interface 13 may be provided together with the sensor 31 independently of the authentication device 10. In this case, it is connected to the sensor interface 13 via the communication interface 15.
 表示器インタフェース14は、認証装置10に搭載された、あるいは、認証装置10の外部に設置された表示器と通信するためのインタフェースである。表示器インタフェース14は、具体例としては、HDMI(登録商標,High-Definition Multimedia Interface)のポートである。 The display interface 14 is an interface for communicating with a display mounted on the authentication device 10 or installed outside the authentication device 10. As a specific example, the display interface 14 is a port of HDMI (registered trademark, High-Definition Multimedia Interface).
 通信インタフェース15は、外部の装置と通信するためのインタフェースである。通信インタフェース15は、具体例としては、Ethernet(登録商標)のポートである。 The communication interface 15 is an interface for communicating with an external device. The communication interface 15 is, as a specific example, a port of Ethernet®.
 補助記憶装置16は、データを保管する記憶装置である。補助記憶装置16は、具体例としては、HDD(Hard Disk Drive)である。また、補助記憶装置16は、SD(登録商標,Secure Digital)メモリカード、CF(CompactFlash,登録商標)、NANDフラッシュ、フレキシブルディスク、光ディスク、コンパクトディスク、ブルーレイ(登録商標)ディスク、DVD(Digital Versatile Disk)といった可搬記録媒体であってもよい。 The auxiliary storage device 16 is a storage device for storing data. As a specific example, the auxiliary storage device 16 is an HDD (Hard Disk Drive). The auxiliary storage device 16 includes an SD (registered trademark, Secure Digital) memory card, CF (CompactFlash, registered trademark), a NAND flash, a flexible disk, an optical disk, a compact disk, a Blu-ray (registered trademark) disk, and a DVD (Digital Versaille Disk). ) May be a portable recording medium.
 認証装置10は、機能構成要素として、信号取得部21と、認証情報生成部22と、部位情報生成部23と、認証部24とを備える。認証装置10の各機能構成要素の機能はソフトウェアにより実現される。
 補助記憶装置16には、認証装置10の各機能構成要素の機能を実現するプログラムが格納されている。このプログラムは、プロセッサ11によりメモリ12に読み込まれ、プロセッサ11によって実行される。これにより、認証装置10の各機能構成要素の機能が実現される。 The authentication device 10 includes a signal acquisition unit 21, an authentication information generation unit 22, a site information generation unit 23, and an authentication unit 24 as functional components. The functions of each functional component of the authentication device 10 are realized by software.
The auxiliary storage device 16 stores a program that realizes the functions of each functional component of the authentication device 10. This program is read into the memory 12 by the processor 11 and executed by the processor 11. As a result, the functions of each functional component of the authentication device 10 are realized.
 図1では、プロセッサ11は、1つだけ示されていた。しかし、プロセッサ11は、複数であってもよく、複数のプロセッサ11が、各機能を実現するプログラムを連携して実行してもよい。 In FIG. 1, only one processor 11 was shown. However, the number of processors 11 may be plural, and the plurality of processors 11 may execute programs that realize each function in cooperation with each other.
 ***動作の説明***
 図2から図5を参照して、実施の形態1に係る認証装置10の動作を説明する。
 実施の形態1に係る認証装置10の動作手順は、実施の形態1に係る認証方法に相当する。また、実施の形態1に係る認証装置10の動作を実現するプログラムは、実施の形態1に係る認証プログラムに相当する。 *** Explanation of operation ***
The operation of the authentication device 10 according to the first embodiment will be described with reference to FIGS. 2 to 5.
The operation procedure of the authentication device 10 according to the first embodiment corresponds to the authentication method according to the first embodiment. Further, the program that realizes the operation of the authentication device 10 according to the first embodiment corresponds to the authentication program according to the first embodiment.
 図2を参照して、実施の形態1に係る認証装置10の処理の流れを説明する。
 (ステップS101:信号取得処理)
 信号取得部21は、センサインタフェース13を介して接続されたセンサ31から、対象者の生体信号を取得する。生体信号は、具体例としては、心臓の電気的活動の計測により得られるECGと、心拍に伴う血管の挙動を光学的に計測して得られるPPGといった時系列信号が考えられる。しかし、生体信号は、これらに限定されるものではない。信号取得部21は、生体信号をメモリ12に書き込む。 The processing flow of the authentication apparatus 10 according to the first embodiment will be described with reference to FIG.
(Step S101: Signal acquisition process)
The signal acquisition unit 21 acquires the biological signal of the subject from the sensor 31 connected via the sensor interface 13. Specific examples of the biological signals include time-series signals such as ECG obtained by measuring the electrical activity of the heart and PPG obtained by optically measuring the behavior of blood vessels associated with the heartbeat. However, biological signals are not limited to these. The signal acquisition unit 21 writes the biological signal to the memory 12.
 (ステップS102:認証情報生成処理)
 認証情報生成部22は、ステップS101で取得された生体信号から、生体の個体に応じて異なる認証情報を生成する。
 具体的には、認証情報生成部22は、生体信号をメモリ12から読み出す。認証情報生成部22は、生体信号の波形を認証情報として生成する、あるいは、生体信号から特徴量を抽出し、特徴量を認証情報とするといった方法により、認証情報を生成する。認証情報が生体の個体によって異なっていれば、認証情報の生成方法は限定されない。認証情報生成部22は、認証情報をメモリ12に書き込む。 (Step S102: Authentication information generation process)
The authentication information generation unit 22 generates different authentication information according to the individual of the living body from the biological signal acquired in step S101.
Specifically, the authentication information generation unit 22 reads the biological signal from the memory 12. The authentication information generation unit 22 generates authentication information by a method of generating a waveform of a biological signal as authentication information, or extracting a feature amount from the biological signal and using the feature amount as authentication information. As long as the authentication information differs depending on the individual living body, the method of generating the authentication information is not limited. The authentication information generation unit 22 writes the authentication information in the memory 12.
 (ステップS103:部位情報生成処理)
 部位情報生成部23は、ステップS101で取得された生体信号から、同一の個体であっても生体信号の取得部位に応じて異なる部位情報を生成する。
 具体的には、部位情報生成部23は、生体信号をメモリ12から読み出す。部位情報生成部23は、認証情報の生成方法のように、生体信号の波形を部位情報として生成する、あるいは、生体信号から特徴量を抽出し、特徴量を部位情報とするといった方法により、部位情報を生成する。但し、部位情報は、生体信号の取得部位に応じて異なる情報である必要がある。部位情報が生体信号の取得部位に応じて異なっていれば、部位情報の生成方法は限定されない。部位情報生成部23は、部位情報をメモリ12に書き込む。 (Step S103: Part information generation process)
The site information generation unit 23 generates different site information from the biological signal acquired in step S101 according to the acquisition site of the biological signal even for the same individual.
Specifically, the site information generation unit 23 reads the biological signal from the memory 12. The site information generation unit 23 generates a waveform of a biological signal as site information, or extracts a feature amount from the biological signal and uses the feature amount as site information, as in the method of generating authentication information. Generate information. However, the site information needs to be different depending on the site where the biological signal is acquired. As long as the site information differs depending on the site where the biological signal is acquired, the method for generating the site information is not limited. The site information generation unit 23 writes the site information to the memory 12.
 図3を参照して、生体信号がECGの場合における部位情報の例を説明する。
 図3では、複数の箇所で計測されたECGの波形を重ね合わせて比較した例が示されている。具体的には、図3では、同一の個体について、手首で計測されたECGの波形と、掌で計測されたECGの波形とが示されている。図3に示されたように、同一の個体であっても、極大値と、極大値が現れた時刻とにずれが生じることが分かる。したがって、ECGの波形における極大値と極大値が現れた時刻とを部位情報とすることが考えられる。 An example of site information when the biological signal is ECG will be described with reference to FIG.
FIG. 3 shows an example in which ECG waveforms measured at a plurality of locations are superimposed and compared. Specifically, FIG. 3 shows an ECG waveform measured by the wrist and an ECG waveform measured by the palm of the same individual. As shown in FIG. 3, it can be seen that even in the same individual, there is a difference between the maximum value and the time when the maximum value appears. Therefore, it is conceivable to use the maximum value in the ECG waveform and the time when the maximum value appears as site information.
 図4を参照して、生体信号がPPGの場合における部位情報の例を説明する。
 図4では、複数の箇所で計測されたPPGの波形を重ね合わせて比較した例が示されている。具体的には、図4では、同一の個体について、指で計測されたPPGの波形と、額で計測されたPPGの波形とが示されている。図4に示されたように、同一の個体であっても、1つ目の極大値が現れた時刻と、2つの極大値とにずれが生じることが分かる。したがって、PPGの波形における極大値と極大値が現れた時刻とを部位情報とすることが考えられる。 An example of site information when the biological signal is PPG will be described with reference to FIG.
FIG. 4 shows an example in which PPG waveforms measured at a plurality of locations are superimposed and compared. Specifically, FIG. 4 shows a PPG waveform measured by a finger and a PPG waveform measured by a forehead for the same individual. As shown in FIG. 4, it can be seen that even in the same individual, there is a difference between the time when the first maximum value appears and the two maximum values. Therefore, it is conceivable to use the maximum value in the PPG waveform and the time when the maximum value appears as site information.
 (ステップS104:第1認証処理)
 認証部24は、ステップS102で生成された認証情報と、事前に補助記憶装置16に記憶された認証基準情報とを比較して、第1認証に成功したか失敗したかを判定する。
 具体的には、認証部24は、ステップS102で生成された認証情報と、認証基準情報との類似度が第1閾値以上である、又は、ステップS102で生成された認証情報と、認証基準情報との差が許容値以内であるといった条件を満たすか否かを判定する。認証部24は、条件を満たす場合には、第1認証に成功したと判定し、条件を満たさない場合には、第1認証に失敗したと判定する。
 認証部24は、第1認証に成功したと判定された場合には、処理をステップS105に進める。一方、認証部24は、第1認証に失敗したと判定された場合には、認証失敗として、処理を終了する。なお、第1認証に失敗したと判定された場合には、処理をステップS101に戻して、認証処理をやり直させてもよい。 (Step S104: First authentication process)
The authentication unit 24 compares the authentication information generated in step S102 with the authentication standard information stored in the auxiliary storage device 16 in advance, and determines whether the first authentication is successful or unsuccessful.
Specifically, the authentication unit 24 has the authentication information generated in step S102 and the authentication standard information having a similarity of the first threshold value or more, or the authentication information generated in step S102 and the authentication standard information. It is determined whether or not the condition that the difference between the and is within the allowable value is satisfied. If the condition is satisfied, the authentication unit 24 determines that the first authentication has succeeded, and if the condition is not satisfied, determines that the first authentication has failed.
If it is determined that the first authentication is successful, the authentication unit 24 advances the process to step S105. On the other hand, if it is determined that the first authentication has failed, the authentication unit 24 determines that the authentication has failed and ends the process. If it is determined that the first authentication has failed, the process may be returned to step S101 and the authentication process may be redone.
 (ステップS105:第2認証処理)
 認証部24は、ステップS103で生成された部位情報と、事前に補助記憶装置16に記憶された部位基準情報とを比較して、第2認証に成功したか失敗したかを判定する。
 具体的には、認証部24は、ステップS103で生成された部位情報と、部位基準情報との類似度が第2閾値以上である、又は、ステップS103で生成された部位情報と、部位基準情報との差が許容値以内であるといった条件を満たすか否かを判定する。認証部24は、条件を満たす場合には、第2認証に成功したと判定し、条件を満たさない場合には、第2認証に失敗したと判定する。
 認証部24は、第2認証に成功したと判定された場合には、認証成功として、処理を終了する。一方、認証部24は、第2認証に失敗したと判定された場合には、認証失敗として、処理を終了する。なお、第2認証に失敗したと判定された場合には、処理をステップS101に戻して、認証処理をやり直させてもよい。 (Step S105: Second authentication process)
The authentication unit 24 compares the site information generated in step S103 with the site reference information stored in the auxiliary storage device 16 in advance, and determines whether the second authentication succeeds or fails.
Specifically, the authentication unit 24 has the site information generated in step S103 and the site reference information having a similarity of the second threshold value or more, or the site information generated in step S103 and the site reference information. It is determined whether or not the condition that the difference between the and is within the allowable value is satisfied. If the condition is satisfied, the authentication unit 24 determines that the second authentication has succeeded, and if the condition is not satisfied, determines that the second authentication has failed.
If it is determined that the second authentication is successful, the authentication unit 24 considers the authentication successful and ends the process. On the other hand, if it is determined that the second authentication has failed, the authentication unit 24 determines that the authentication has failed and ends the process. If it is determined that the second authentication has failed, the process may be returned to step S101 and the authentication process may be redone.
 ステップS104では、事前に補助記憶装置16に認証基準情報が記憶されたと説明した。また、ステップS105では、事前に補助記憶装置16に部位基準情報が記憶されたと説明した。
 このように、図2に示す処理を行う前提として、認証基準情報及び部位基準情報を記憶しておく必要がある。具体的には、ステップS101からステップS103までの処理を実行して、ステップS102で生成された認証情報を認証基準情報とし、ステップS103で生成された部位情報を部位基準情報として記憶される。
 認証情報及び部位情報は、年月が経過するにつれて変化する場合がある。そこで、一定期間が経過した場合には認証基準情報及び部位基準情報を取得し直すようにしてもよい。そして、図5に示すように、1人の対象者について、認証基準情報及び部位基準情報が生体信号の計測日時とともに記憶される。なお、図5では、認証基準情報及び部位基準情報として、特徴量が用いられた場合を示している。 In step S104, it was explained that the authentication standard information was stored in the auxiliary storage device 16 in advance. Further, in step S105, it was explained that the site reference information was stored in the auxiliary storage device 16 in advance.
As described above, it is necessary to store the authentication standard information and the site standard information as a premise for performing the process shown in FIG. Specifically, the processes from step S101 to step S103 are executed, the authentication information generated in step S102 is stored as authentication reference information, and the site information generated in step S103 is stored as site reference information.
Authentication information and site information may change over the years. Therefore, when a certain period of time has passed, the authentication standard information and the site standard information may be reacquired. Then, as shown in FIG. 5, the authentication reference information and the site reference information are stored together with the measurement date and time of the biological signal for one subject. Note that FIG. 5 shows a case where the feature amount is used as the authentication standard information and the site standard information.
 なお、ステップS102とステップS103との実行順序と、ステップS104とステップS105との実行順序とは、図2に示す順序に限定されず、入れ替わってもよい。 The execution order of step S102 and step S103 and the execution order of step S104 and step S105 are not limited to the order shown in FIG. 2, and may be interchanged.
 ***実施の形態1の効果***
 以上のように、実施の形態1に係る認証装置10は、認証情報に加えて部位情報を用いて認証を行う。これにより、意図した部位以外で不正に計測された生体信号を用いた場合に、認証が成功しないように制御可能である。そのため、生体信号の不正計測によるなりすまし攻撃への対策を実現可能である。 *** Effect of Embodiment 1 ***
As described above, the authentication device 10 according to the first embodiment authenticates using the site information in addition to the authentication information. As a result, it is possible to control so that authentication does not succeed when a biological signal illegally measured at a site other than the intended site is used. Therefore, it is possible to implement countermeasures against spoofing attacks due to unauthorized measurement of biological signals.
 ***他の構成***
 <変形例1>
 センサ31の個数は特に限定されない。単一のセンサで計測された単一の生体信号から認証情報及び部位情報が生成されてもよいし、複数のセンサで計測された複数の生体信号から認証情報及び部位情報が生成されてもよい。
 また、信号取得部21は、センサインタフェース13を介してセンサ31を制御し、認証情報を生成するための生体信号と部位情報を生成するための生体信号とを切り替えて取得してもよい。例えば、信号取得部21は、使用するセンサ31を切り替えたり、センサ31の動作に必要な設定値を変更したりすることが考えられる。この場合には、認証情報生成部22は、認証情報を生成するための生体信号から認証情報を生成し、部位情報生成部23は、部位情報を生成するための生体信号から部位情報を生成する。 *** Other configurations ***
<Modification 1>
The number of sensors 31 is not particularly limited. Authentication information and site information may be generated from a single biological signal measured by a single sensor, or authentication information and site information may be generated from a plurality of biological signals measured by a plurality of sensors. ..
Further, the signal acquisition unit 21 may control the sensor 31 via the sensor interface 13 to switch between a biological signal for generating authentication information and a biological signal for generating site information. For example, the signal acquisition unit 21 may switch the sensor 31 to be used or change the set value required for the operation of the sensor 31. In this case, the authentication information generation unit 22 generates the authentication information from the biological signal for generating the authentication information, and the site information generation unit 23 generates the site information from the biological signal for generating the site information. ..
 <変形例2>
 実施の形態1では、認証情報による第1認証と、部位情報による第2認証とが1度成功すれば、認証成功となった。しかし、認証情報による第1認証と、部位情報による第2認証とが複数回連続して成功した場合に、認証成功となるようにしてもよい。 <Modification 2>
In the first embodiment, if the first authentication based on the authentication information and the second authentication based on the site information are successful once, the authentication is successful. However, if the first authentication based on the authentication information and the second authentication based on the site information are successful a plurality of times in succession, the authentication may be successful.
 図6を参照して、変形例2に係る認証装置10の処理の流れを説明する。
 ステップS111からステップS115の処理は、図2のステップS101からステップS105の処理と同じである。但し、ステップS115では、認証部24は、第2認証に成功したと判定された場合には、処理をステップS116に進める。 With reference to FIG. 6, the flow of processing of the authentication device 10 according to the second modification will be described.
The process from step S111 to step S115 is the same as the process from step S101 to step S105 in FIG. However, in step S115, if it is determined that the second authentication is successful, the authentication unit 24 advances the process to step S116.
 (ステップS116:継続判定処理)
 認証部24は、第1認証及び第2認証の成功回数が基準回数に達したか否かを判定する。
 認証部24は、成功回数が基準回数に達した場合には、認証成功として、処理を終了する。一方、認証部24は、成功回数が基準回数に達していない場合には、処理をステップS111に戻す。 (Step S116: Continuation determination process)
The authentication unit 24 determines whether or not the number of successful first and second authentications has reached the reference number of times.
When the number of successes reaches the reference number, the authentication unit 24 considers the authentication to be successful and ends the process. On the other hand, if the number of successes has not reached the reference number, the authentication unit 24 returns the process to step S111.
 なお、2回目以降のステップS115では、認証部24は、部位情報が1回目に生成された部位情報と同じ部位についての部位情報であるか否かを判定してもよい。そして、認証部24は、条件を満たし、かつ、部位情報が1回目に生成された部位情報と同じ部位についての部位情報である場合には、第2認証に成功したと判定してもよい。
 これにより、処理の途中で計測部位が変更された場合には、認証失敗となるようにしてもよい。つまり、処理の途中でセンサが移動した場合には、認証失敗となるようにしてもよい。 In the second and subsequent steps S115, the authentication unit 24 may determine whether or not the site information is the site information for the same site as the site information generated for the first time. Then, if the condition is satisfied and the site information is the site information about the same site as the site information generated for the first time, the authentication unit 24 may determine that the second authentication has been successful.
As a result, if the measurement site is changed during the process, the authentication may fail. That is, if the sensor moves in the middle of the process, the authentication may fail.
 <変形例3>
 実施の形態1では、各機能構成要素がソフトウェアで実現された。しかし、変形例1として、各機能構成要素はハードウェアで実現されてもよい。この変形例1について、実施の形態1と異なる点を説明する。 <Modification 3>
In the first embodiment, each functional component is realized by software. However, as a modification 1, each functional component may be realized by hardware. The difference between the first modification and the first embodiment will be described.
 参照して、変形例1に係る認証装置10の構成を説明する。
 各機能構成要素がハードウェアで実現される場合には、認証装置10は、プロセッサ11とメモリ12と補助記憶装置16とに代えて、電子回路を備える。電子回路は、各機能構成要素と、メモリ12と、補助記憶装置16との機能とを実現する専用の回路である。 With reference to this, the configuration of the authentication device 10 according to the first modification will be described.
When each functional component is implemented in hardware, the authentication device 10 includes an electronic circuit instead of the processor 11, the memory 12, and the auxiliary storage device 16. The electronic circuit is a dedicated circuit that realizes the functions of each functional component, the memory 12, and the auxiliary storage device 16.
 電子回路としては、単一回路、複合回路、プログラム化したプロセッサ、並列プログラム化したプロセッサ、ロジックIC、GA(Gate Array)、ASIC(Application Specific Integrated Circuit)、FPGA(Field-Programmable Gate Array)が想定される。
 各機能構成要素を1つの電子回路で実現してもよいし、各機能構成要素を複数の電子回路に分散させて実現してもよい。 As the electronic circuit, a single circuit, a composite circuit, a programmed processor, a parallel programmed processor, a logic IC, a GA (Gate Array), an ASIC (Application Specific Integrated Circuit), and an FPGA (Field-Programmable Gate Array) are assumed. Will be done.
Each functional component may be realized by one electronic circuit, or each functional component may be distributed and realized by a plurality of electronic circuits.
 <変形例4>
 変形例4として、一部の各機能構成要素がハードウェアで実現され、他の各機能構成要素がソフトウェアで実現されてもよい。 <Modification example 4>
As a modification 4, some functional components may be realized by hardware, and other functional components may be realized by software.
 プロセッサ11とメモリ12と補助記憶装置16と電子回路とを処理回路という。つまり、各機能構成要素の機能は、処理回路により実現される。 The processor 11, the memory 12, the auxiliary storage device 16, and the electronic circuit are called processing circuits. That is, the function of each functional component is realized by the processing circuit.
 実施の形態2.
 実施の形態2は、複数のセンサ31から取得した複数の生体信号を入力として演算を行い生成された複合信号から認証情報と部位情報との少なくともいずれかを生成する点が実施の形態1と異なる。実施の形態2では、この異なる点を説明し、同一の点については説明を省略する。
 実施の形態2では、認証情報と部位情報との両方が複合信号から生成される場合を説明する。 Embodiment 2.
The second embodiment is different from the first embodiment in that at least one of authentication information and site information is generated from a composite signal generated by performing an operation by inputting a plurality of biological signals acquired from a plurality of sensors 31. .. In the second embodiment, these different points will be described, and the same points will be omitted.
In the second embodiment, a case where both the authentication information and the site information are generated from the composite signal will be described.
 ***構成の説明***
 図7を参照して、実施の形態2に係る認証装置10の構成を説明する。
 認証装置10は、機能構成要素として、信号演算部25を備える点が図1に示す認証装置10と異なる。信号演算部25は、他の機能構成要素と同様に、ソフトウェア又はハードウェアによって実現される。
 また、認証装置10は、プロセッサ11がセンサインタフェース13を介して複数のセンサ31と接続されている点が図1に示す認証装置10と異なる。各センサ31は、同じ仕様のセンサであってもよいし、異なる仕様のセンサであってもよい。 *** Explanation of configuration ***
The configuration of the authentication device 10 according to the second embodiment will be described with reference to FIG. 7.
The authentication device 10 differs from the authentication device 10 shown in FIG. 1 in that the authentication device 10 includes a signal calculation unit 25 as a functional component. The signal calculation unit 25 is realized by software or hardware like other functional components.
Further, the authentication device 10 is different from the authentication device 10 shown in FIG. 1 in that the processor 11 is connected to a plurality of sensors 31 via the sensor interface 13. Each sensor 31 may be a sensor having the same specifications or may be a sensor having different specifications.
 ***動作の説明***
 図8及び図9を参照して、実施の形態2に係る認証装置10の動作を説明する。
 実施の形態2に係る認証装置10の動作手順は、実施の形態2に係る認証方法に相当する。また、実施の形態2に係る認証装置10の動作を実現するプログラムは、実施の形態2に係る認証プログラムに相当する。 *** Explanation of operation ***
The operation of the authentication device 10 according to the second embodiment will be described with reference to FIGS. 8 and 9.
The operation procedure of the authentication device 10 according to the second embodiment corresponds to the authentication method according to the second embodiment. Further, the program that realizes the operation of the authentication device 10 according to the second embodiment corresponds to the authentication program according to the second embodiment.
 図8を参照して、実施の形態2に係る認証装置10の処理の流れを説明する。
 ステップS206からステップS207の処理は、図2のステップS104からステップS105の処理と同じである。 With reference to FIG. 8, the flow of processing of the authentication device 10 according to the second embodiment will be described.
The process from step S206 to step S207 is the same as the process from step S104 to step S105 in FIG.
 (ステップS201:演算方法決定処理)
 信号演算部25は、複合信号を演算するための演算方法を決定する。演算方法は、具体例としては、複数の生体信号の加算又は減算である。しかし、演算方法は、これに限るものではない。
 具体的には、信号演算部25は、対象者等から演算方法の指定を受け付ける、事前に設定された演算方法を読み出すといった方法により、演算方法を決定する。 (Step S201: Calculation method determination process)
The signal calculation unit 25 determines a calculation method for calculating a composite signal. As a specific example, the calculation method is addition or subtraction of a plurality of biological signals. However, the calculation method is not limited to this.
Specifically, the signal calculation unit 25 determines the calculation method by a method such as accepting a designation of the calculation method from a target person or the like and reading a preset calculation method.
 (ステップS202:信号取得処理)
 信号取得部21は、センサインタフェース13を介して接続された複数のセンサ31から、対象者の複数の生体信号を取得する。信号取得部21は、複数の生体信号をメモリ12に書き込む。 (Step S202: Signal acquisition process)
The signal acquisition unit 21 acquires a plurality of biological signals of the subject from the plurality of sensors 31 connected via the sensor interface 13. The signal acquisition unit 21 writes a plurality of biological signals to the memory 12.
 (ステップS203:信号演算処理)
 信号演算部25は、ステップS202で取得された複数の生体信号を入力として、ステップS201で決定された演算方法により演算を行い複合信号を生成する。信号演算部25は、複合信号をメモリ12に書き込む。 (Step S203: Signal calculation processing)
The signal calculation unit 25 receives a plurality of biological signals acquired in step S202 as inputs, performs calculations by the calculation method determined in step S201, and generates a composite signal. The signal calculation unit 25 writes the composite signal to the memory 12.
 図9を参照して、複合信号の例を説明する。
 図9では、2個のセンサ31によってPPGが計測され、得られたPPG同士の演算が行われる例が示されている。PPGは、血管に対して光源より光を照射して得られる反射光又は透過光を受光部で取得することで計測される。PPGは、光源の波長(色)によって計測される波形が異なる。特に、生体内で光が到達できる深さが波長により異なる。そのため、例えば、図9に示すように、緑色光で得た生体信号と赤外光で得た生体信号との差分を計算することで、深部の情報だけを抽出することができると考えられる。このように各生体信号間の演算により得た複合信号は、単一の生体信号よりも人工的な生成が難しいと考えられる。 An example of a composite signal will be described with reference to FIG.
FIG. 9 shows an example in which PPG is measured by two sensors 31 and the obtained PPGs are calculated with each other. PPG is measured by irradiating a blood vessel with light from a light source and acquiring reflected light or transmitted light obtained by a light receiving unit. The waveform of PPG is different depending on the wavelength (color) of the light source. In particular, the depth at which light can reach in a living body differs depending on the wavelength. Therefore, for example, as shown in FIG. 9, it is considered that only deep information can be extracted by calculating the difference between the biological signal obtained by green light and the biological signal obtained by infrared light. It is considered that the composite signal obtained by the calculation between each biological signal is more difficult to artificially generate than the single biological signal.
 (ステップS204:認証情報生成処理)
 認証情報生成部22は、ステップS203で生成された複合信号から、認証情報を生成する。認証情報の生成方法は、生体信号に代えて複合信号を入力とする点以外は、実施の形態1と同じである。認証情報生成部22は、認証情報をメモリ12に書き込む。 (Step S204: Authentication information generation process)
The authentication information generation unit 22 generates authentication information from the composite signal generated in step S203. The method of generating the authentication information is the same as that of the first embodiment except that a composite signal is input instead of the biological signal. The authentication information generation unit 22 writes the authentication information in the memory 12.
 (ステップS205:部位情報生成処理)
 部位情報生成部23は、ステップS203で生成された複合信号から、部位情報を生成する。部位情報の生成方法は、生体信号に代えて複合信号を入力とする点以外は、実施の形態1と同じである。部位情報生成部23は、部位情報をメモリ12に書き込む。 (Step S205: Part information generation process)
The site information generation unit 23 generates site information from the composite signal generated in step S203. The method of generating the site information is the same as that of the first embodiment except that a composite signal is input instead of the biological signal. The site information generation unit 23 writes the site information to the memory 12.
 図8に示す処理を行う前提として、認証基準情報及び部位基準情報を記憶しておく必要がある。具体的には、ステップS201からステップS205までの処理を実行して、ステップS204で生成された認証情報を認証基準情報とし、ステップS205で生成された部位情報を部位基準情報として記憶される。実施の形態1と同様に、一定期間が経過した場合には認証基準情報及び部位基準情報を取得し直すようにしてもよい。 As a prerequisite for performing the process shown in FIG. 8, it is necessary to store the authentication standard information and the site standard information. Specifically, the processes from step S201 to step S205 are executed, the authentication information generated in step S204 is stored as authentication reference information, and the site information generated in step S205 is stored as site reference information. Similar to the first embodiment, the certification standard information and the site standard information may be reacquired after a certain period of time has passed.
 なお、ステップS204とステップS205との実行順序と、ステップS206とステップS207との実行順序とは、図2に示す順序に限定されず、入れ替わってもよい。 The execution order of step S204 and step S205 and the execution order of step S206 and step S207 are not limited to the order shown in FIG. 2, and may be interchanged.
 ***実施の形態2の効果***
 以上のように、実施の形態2に係る認証装置10は、複数の生体信号から演算によって得られた複合信号から、認証情報と部位情報との少なくともいずれかが生成される。複合信号は、単一の生体信号よりも人工的な生成が難しいと考えられる。そのため、生体信号の不正計測によるなりすまし攻撃へのよりよい対策を実現可能である。 *** Effect of Embodiment 2 ***
As described above, the authentication device 10 according to the second embodiment generates at least one of authentication information and site information from a composite signal obtained by calculation from a plurality of biological signals. Composite signals are considered to be more difficult to artificially generate than single biological signals. Therefore, it is possible to realize better countermeasures against spoofing attacks due to illegal measurement of biological signals.
 ***他の構成***
 <変形例5>
 変形例2と同様に、認証情報による第1認証と、部位情報による第2認証とが複数回連続して成功した場合に、認証成功となるようにしてもよい。 *** Other configurations ***
<Modification 5>
Similar to the second modification, if the first authentication based on the authentication information and the second authentication based on the site information are successful a plurality of times in succession, the authentication may be successful.
 図10を参照して、変形例5に係る認証装置10の処理の流れを説明する。
 ステップS211からステップS217の処理は、図8のステップS201からステップS207の処理と同じである。但し、ステップS207では、認証部24は、第2認証に成功したと判定された場合には、処理をステップS218に進める。 With reference to FIG. 10, the processing flow of the authentication device 10 according to the modified example 5 will be described.
The process from step S211 to step S217 is the same as the process from step S201 to step S207 in FIG. However, in step S207, if it is determined that the second authentication is successful, the authentication unit 24 advances the process to step S218.
 (ステップS218:継続判定処理)
 認証部24は、第1認証及び第2認証の成功回数が基準回数に達したか否かを判定する。
 認証部24は、成功回数が基準回数に達した場合には、認証成功として、処理を終了する。一方、認証部24は、成功回数が基準回数に達していない場合には、処理をステップS211に戻す。 (Step S218: Continuation determination process)
The authentication unit 24 determines whether or not the number of successful first and second authentications has reached the reference number of times.
When the number of successes reaches the reference number, the authentication unit 24 considers the authentication to be successful and ends the process. On the other hand, if the number of successes has not reached the reference number, the authentication unit 24 returns the process to step S211.
 なお、変形例2と同様に、2回目以降のステップS217では、認証部24は、部位情報が1回目に生成された部位情報と同じ部位についての部位情報であるか否かを判定してもよい。そして、認証部24は、条件を満たし、かつ、部位情報が1回目に生成された部位情報と同じ部位についての部位情報である場合には、第2認証に成功したと判定してもよい。
 また、ステップS211では、攻撃者から観測できないように演算方法を毎回変更し、毎回異なる演算方法で複合信号を生成してもよい。これにより、なりすまし攻撃の難易度をさらに高くすることができる。 In addition, as in the modification 2, in the second and subsequent steps S217, the authentication unit 24 may determine whether or not the site information is the site information for the same site as the site information generated for the first time. good. Then, if the condition is satisfied and the site information is the site information about the same site as the site information generated for the first time, the authentication unit 24 may determine that the second authentication has been successful.
Further, in step S211 the calculation method may be changed each time so as not to be observed by an attacker, and a composite signal may be generated by a different calculation method each time. This makes it possible to further increase the difficulty of spoofing attacks.
 実施の形態3.
 実施の形態3は、センサ制御情報をセンサ31に与えた上で生体信号を取得することにより、センサ制御情報応じた生体信号を取得する点が実施の形態1と異なる。実施の形態3では、この異なる点を説明し、同一の点については説明を省略する。 Embodiment 3.
The third embodiment is different from the first embodiment in that the biological signal corresponding to the sensor control information is acquired by giving the sensor control information to the sensor 31 and then acquiring the biological signal. In the third embodiment, these different points will be described, and the same points will be omitted.
 ***構成の説明***
 図11を参照して、実施の形態3に係る認証装置10の構成を説明する。
 認証装置10は、プロセッサ11がセンサインタフェース13を介して複数のセンサ31と接続されている点が図1に示す認証装置10と異なる。各センサ31は、プロセッサ11から与えられるセンサ制御情報により制御される。
 なお、ここでは、複数のセンサ31を用いる場合を説明するが、認証装置10は単一のセンサ31を用いて、センサ制御情報に応じて異なる生体信号を取得するようにしてもよい。 *** Explanation of configuration ***
The configuration of the authentication device 10 according to the third embodiment will be described with reference to FIG.
The authentication device 10 differs from the authentication device 10 shown in FIG. 1 in that the processor 11 is connected to a plurality of sensors 31 via the sensor interface 13. Each sensor 31 is controlled by the sensor control information given from the processor 11.
Although the case where a plurality of sensors 31 are used will be described here, the authentication device 10 may use a single sensor 31 to acquire different biological signals according to the sensor control information.
 ***動作の説明***
 図12及び図14を参照して、実施の形態3に係る認証装置10の動作を説明する。
 実施の形態3に係る認証装置10の動作手順は、実施の形態3に係る認証方法に相当する。また、実施の形態3に係る認証装置10の動作を実現するプログラムは、実施の形態3に係る認証プログラムに相当する。 *** Explanation of operation ***
The operation of the authentication device 10 according to the third embodiment will be described with reference to FIGS. 12 and 14.
The operation procedure of the authentication device 10 according to the third embodiment corresponds to the authentication method according to the third embodiment. Further, the program that realizes the operation of the authentication device 10 according to the third embodiment corresponds to the authentication program according to the third embodiment.
 図12を参照して、実施の形態3に係る認証装置10の処理の流れを説明する。
 ステップS303からステップS304の処理は、図2のステップS102からステップS103の処理と同じである。 With reference to FIG. 12, the processing flow of the authentication device 10 according to the third embodiment will be described.
The process from step S303 to step S304 is the same as the process from step S102 to step S103 in FIG.
 (ステップS301:制御情報決定処理)
 信号取得部21は、センサ制御情報を決定する。センサ制御情報は、具体例としては、複数のセンサ31のうちどのセンサ31を利用するかを示す情報と、光学センサに含まれる光源の波長(色)の設定情報である。しかし、センサ制御情報は、これに限るものではない。
 具体的には、信号取得部21は、対象者等からセンサ制御情報の指定を受け付ける、事前に設定されたセンサ制御情報を読み出すといった方法により、センサ制御情報を決定する。事前に設定する方法としては、時刻に応じて、使用するセンサ制御情報を決めておくことが考えられる。例えば、時刻t1以前は緑色光源を使用し、時刻t1以降は赤外光源を使用するといった決め方が考えられる。また、制御情報の使用順を事前に無作為に決めておくことが考えられる。例えば、緑色光源と赤色光源とを交互に使用するといった決め方が考えられる。 (Step S301: Control information determination process)
The signal acquisition unit 21 determines the sensor control information. As a specific example, the sensor control information is information indicating which sensor 31 is used among the plurality of sensors 31, and setting information of the wavelength (color) of the light source included in the optical sensor. However, the sensor control information is not limited to this.
Specifically, the signal acquisition unit 21 determines the sensor control information by a method of accepting the designation of the sensor control information from the target person or the like and reading out the preset sensor control information. As a method of setting in advance, it is conceivable to determine the sensor control information to be used according to the time. For example, a method of deciding to use a green light source before time t1 and to use an infrared light source after time t1 can be considered. In addition, it is conceivable to randomly determine the order of use of control information in advance. For example, a method of deciding to use a green light source and a red light source alternately can be considered.
 (ステップS302:信号取得処理)
 信号取得部21は、センサインタフェース13を介して接続されたセンサ31から、ステップS301で決定されたセンサ制御情報に応じた生体信号を取得する。
 具体的には、信号取得部21は、ステップS301で決定されたセンサ制御情報によってセンサ31を制御した上で、センサ31から生体信号を取得する。信号取得部21は、生体信号をメモリ12に書き込む。 (Step S302: Signal acquisition process)
The signal acquisition unit 21 acquires a biological signal corresponding to the sensor control information determined in step S301 from the sensor 31 connected via the sensor interface 13.
Specifically, the signal acquisition unit 21 controls the sensor 31 by the sensor control information determined in step S301, and then acquires the biological signal from the sensor 31. The signal acquisition unit 21 writes the biological signal to the memory 12.
 (ステップS305:第1認証処理)
 認証部24は、ステップS301で決定されたセンサ制御情報に応じた基準を用いて、第1認証を行う。
 具体的には、認証部24は、ステップS303で生成された認証情報と、事前に補助記憶装置16に記憶された認証基準情報であって、センサ制御情報に対応する認証基準情報とを比較して、第1認証に成功したか失敗したかを判定する。この際、認証部24は、センサ制御情報に応じた条件を満たすか否かを判定することにより、第1認証に成功したか失敗したかを判定する。
 認証部24は、第1認証に成功したと判定された場合には、処理をステップS306に進める。一方、認証部24は、第1認証に失敗したと判定された場合には、認証失敗として、処理を終了する。なお、第1認証に失敗したと判定された場合には、処理をステップS301に戻して、認証処理をやり直させてもよい。 (Step S305: First authentication process)
The authentication unit 24 performs the first authentication using the standard according to the sensor control information determined in step S301.
Specifically, the authentication unit 24 compares the authentication information generated in step S303 with the authentication standard information stored in the auxiliary storage device 16 in advance and corresponding to the sensor control information. Then, it is determined whether the first authentication is successful or unsuccessful. At this time, the authentication unit 24 determines whether or not the first authentication is successful or unsuccessful by determining whether or not the conditions corresponding to the sensor control information are satisfied.
If it is determined that the first authentication is successful, the authentication unit 24 advances the process to step S306. On the other hand, if it is determined that the first authentication has failed, the authentication unit 24 determines that the authentication has failed and ends the process. If it is determined that the first authentication has failed, the process may be returned to step S301 and the authentication process may be redone.
 (ステップS306:第2認証処理)
 認証部24は、ステップS301で決定されたセンサ制御情報に応じた基準を用いて、第2認証を行う。
 具体的には、認証部24は、ステップS304で生成された部位情報と、事前に補助記憶装置16に記憶された部位基準情報であって、センサ制御情報に対応する部位基準情報とを比較して、第2認証に成功したか失敗したかを判定する。この際、認証部24は、センサ制御情報に応じた条件を満たすか否かを判定することにより、第2認証に成功したか失敗したかを判定する。
 認証部24は、第2認証に成功したと判定された場合には、認証成功として、処理を終了する。一方、認証部24は、第2認証に失敗したと判定された場合には、認証失敗として、処理を終了する。なお、第2認証に失敗したと判定された場合には、処理をステップS301に戻して、認証処理をやり直させてもよい。 (Step S306: Second authentication process)
The authentication unit 24 performs the second authentication using the standard according to the sensor control information determined in step S301.
Specifically, the authentication unit 24 compares the site information generated in step S304 with the site reference information stored in the auxiliary storage device 16 in advance and corresponding to the sensor control information. Then, it is determined whether the second authentication is successful or unsuccessful. At this time, the authentication unit 24 determines whether the second authentication is successful or unsuccessful by determining whether or not the conditions corresponding to the sensor control information are satisfied.
If it is determined that the second authentication is successful, the authentication unit 24 considers the authentication successful and ends the process. On the other hand, if it is determined that the second authentication has failed, the authentication unit 24 determines that the authentication has failed and ends the process. If it is determined that the second authentication has failed, the process may be returned to step S301 and the authentication process may be redone.
 図12に示す処理を行う前提として、センサ制御情報に応じた認証基準情報及び部位基準情報を記憶しておく必要がある。具体的には、ステップS301からステップS304までの処理を実行して、ステップS303で生成された認証情報を認証基準情報とし、ステップS304で生成された部位情報を部位基準情報として記憶される。この際、使用される各センサ制御情報についてステップS301からステップS304までの処理が実行され、各センサ制御情報に対応する認証基準情報及び部位基準情報が記憶される。
 その結果、図13及び図14に示すように、1人の対象者について、センサ制御情報毎に、認証基準情報及び部位基準情報が生体信号の計測日時とともに記憶される。図13は、センサ制御情報に応じて使用するセンサ31を変更する場合の例を示している。図14は、センサ制御情報に応じて光源を変更する場合の例を示している。なお、図13及び図14では、認証基準情報及び部位基準情報として、特徴量が用いられた場合を示している。図13では、各対象者について、センサ1を使用した場合と、センサ2を使用した場合との認証基準情報及び部位基準情報が記憶されている。図14では、各対象者について、光源を緑色にした場合と、光源を赤色にした場合との認証基準情報及び部位基準情報が記憶されている。 As a premise for performing the process shown in FIG. 12, it is necessary to store the authentication standard information and the site standard information corresponding to the sensor control information. Specifically, the processes from step S301 to step S304 are executed, the authentication information generated in step S303 is stored as authentication reference information, and the site information generated in step S304 is stored as site reference information. At this time, the processes from step S301 to step S304 are executed for each sensor control information used, and the authentication reference information and the site reference information corresponding to each sensor control information are stored.
As a result, as shown in FIGS. 13 and 14, authentication reference information and site reference information are stored together with the measurement date and time of the biological signal for each sensor control information for one subject. FIG. 13 shows an example in which the sensor 31 to be used is changed according to the sensor control information. FIG. 14 shows an example in which the light source is changed according to the sensor control information. Note that FIGS. 13 and 14 show a case where the feature amount is used as the authentication standard information and the site reference information. In FIG. 13, the authentication standard information and the site reference information when the sensor 1 is used and when the sensor 2 is used are stored for each target person. In FIG. 14, the authentication standard information and the site standard information when the light source is green and when the light source is red are stored for each target person.
 なお、ステップS303とステップS304との実行順序と、ステップS305とステップS306との実行順序とは、図2に示す順序に限定されず、入れ替わってもよい。 The execution order of step S303 and step S304 and the execution order of step S305 and step S306 are not limited to the order shown in FIG. 2, and may be interchanged.
 ***実施の形態3の効果***
 以上のように、実施の形態3に係る認証装置10は、センサ制御情報に応じた生体信号を取得する。例えば、PPGは、緑色と赤外光といった光源を光検出器とともに用いることで計測されるが、光源の波長で計測される波形が異なる。そのため、光源の波長を変更することにより、認証情報及び部位情報として異なる情報が得られる。攻撃者からは、センサ制御情報は観測できない。例えば、攻撃者は制御情報として使用される光源の種類、又は、使用するセンサ31を観測することができない。したがって、認証に用いられる生体信号の計測又は生成によるなりすまし攻撃が不可能、または実施形態1の場合よりも難易度が高くなる。 *** Effect of Embodiment 3 ***
As described above, the authentication device 10 according to the third embodiment acquires a biological signal corresponding to the sensor control information. For example, PPG is measured by using a light source such as green and infrared light together with a photodetector, but the waveform measured by the wavelength of the light source is different. Therefore, by changing the wavelength of the light source, different information can be obtained as authentication information and site information. Sensor control information cannot be observed from the attacker. For example, an attacker cannot observe the type of light source used as control information or the sensor 31 used. Therefore, spoofing attacks by measuring or generating biological signals used for authentication are impossible, or the difficulty level is higher than in the case of the first embodiment.
 ***他の構成***
 <変形例6>
 変形例2と同様に、認証情報による第1認証と、部位情報による第2認証とが複数回連続して成功した場合に、認証成功となるようにしてもよい。 *** Other configurations ***
<Modification 6>
Similar to the second modification, if the first authentication based on the authentication information and the second authentication based on the site information are successful a plurality of times in succession, the authentication may be successful.
 図15を参照して、変形例6に係る認証装置10の処理の流れを説明する。
 ステップS311からステップS316の処理は、図12のステップS301からステップS306の処理と同じである。但し、ステップS306では、認証部24は、第2認証に成功したと判定された場合には、処理をステップS317に進める。 A flow of processing of the authentication device 10 according to the modification 6 will be described with reference to FIG.
The process from step S311 to step S316 is the same as the process from step S301 to step S306 in FIG. However, in step S306, if it is determined that the second authentication is successful, the authentication unit 24 advances the process to step S317.
 (ステップS317:継続判定処理)
 認証部24は、第1認証及び第2認証の成功回数が基準回数に達したか否かを判定する。
 認証部24は、成功回数が基準回数に達した場合には、認証成功として、処理を終了する。一方、認証部24は、成功回数が基準回数に達していない場合には、処理をステップS311に戻す。 (Step S317: Continuation determination process)
The authentication unit 24 determines whether or not the number of successful first and second authentications has reached the reference number of times.
When the number of successes reaches the reference number, the authentication unit 24 considers the authentication to be successful and ends the process. On the other hand, if the number of successes has not reached the reference number, the authentication unit 24 returns the process to step S311.
 なお、変形例2と同様に、2回目以降のステップS316では、認証部24は、部位情報が1回目に生成された部位情報と同じ部位についての部位情報であるか否かを判定してもよい。そして、認証部24は、条件を満たし、かつ、部位情報が1回目に生成された部位情報と同じ部位についての部位情報である場合には、第2認証に成功したと判定してもよい。
 また、ステップS311では、センサ制御情報を毎回変更してもよい。これにより、なりすまし攻撃の難易度をさらに高くすることができる。 In addition, as in the modification 2, in the second and subsequent steps S316, the authentication unit 24 may determine whether or not the site information is the site information for the same site as the site information generated for the first time. good. Then, if the condition is satisfied and the site information is the site information about the same site as the site information generated for the first time, the authentication unit 24 may determine that the second authentication has been successful.
Further, in step S311, the sensor control information may be changed each time. This makes it possible to further increase the difficulty of spoofing attacks.
 実施の形態4.
 実施の形態4は、光学的な手法及び電気的な手法といった複数の手法を用いて特定された、心拍数及び呼吸数といった生理指標を用いて認証する点が実施の形態1と異なる。実施の形態4は、この異なる点を説明し、同一の点については説明を省略する。 Embodiment 4.
The fourth embodiment differs from the first embodiment in that authentication is performed using physiological indicators such as heart rate and respiratory rate, which are specified by using a plurality of methods such as an optical method and an electrical method. The fourth embodiment explains these different points, and omits the description of the same points.
 ***構成の説明***
 図16を参照して、実施の形態4に係る認証装置10の構成を説明する。
 認証装置10は、機能構成要素として、生理指標生成部26を備える点が図1に示す認証装置10と異なる。生理指標生成部26は、他の機能構成要素と同様に、ソフトウェア又はハードウェアによって実現される。
 また、認証装置10は、プロセッサ11がセンサインタフェース13を介して複数のセンサ31と接続されている点が図1に示す認証装置10と異なる。複数のセンサ31としては、光学センサと振動センサとのように異なる物理量を計測するセンサが使用される。 *** Explanation of configuration ***
The configuration of the authentication device 10 according to the fourth embodiment will be described with reference to FIG.
The authentication device 10 differs from the authentication device 10 shown in FIG. 1 in that the authentication device 10 includes a physiological index generation unit 26 as a functional component. The physiological index generation unit 26 is realized by software or hardware like other functional components.
Further, the authentication device 10 is different from the authentication device 10 shown in FIG. 1 in that the processor 11 is connected to a plurality of sensors 31 via the sensor interface 13. As the plurality of sensors 31, sensors that measure different physical quantities, such as an optical sensor and a vibration sensor, are used.
 ***動作の説明***
 図17から図19を参照して、実施の形態4に係る認証装置10の動作を説明する。
 実施の形態4に係る認証装置10の動作手順は、実施の形態4に係る認証方法に相当する。また、実施の形態4に係る認証装置10の動作を実現するプログラムは、実施の形態4に係る認証プログラムに相当する。 *** Explanation of operation ***
The operation of the authentication device 10 according to the fourth embodiment will be described with reference to FIGS. 17 to 19.
The operation procedure of the authentication device 10 according to the fourth embodiment corresponds to the authentication method according to the fourth embodiment. Further, the program that realizes the operation of the authentication device 10 according to the fourth embodiment corresponds to the authentication program according to the fourth embodiment.
 図17を参照して、実施の形態4に係る認証装置10の処理の流れを説明する。
 ステップS402からステップS403の処理は、図2のステップS102からステップS103の処理と同じである。ステップS405からステップS406の処理は、図2のステップS104からステップS105の処理と同じである。但し、ステップS406では、第2認証に成功したと判定された場合には、認証成功とするのではなく、処理をステップS407に進める。 A flow of processing of the authentication device 10 according to the fourth embodiment will be described with reference to FIG.
The process from step S402 to step S403 is the same as the process from step S102 to step S103 in FIG. The process from step S405 to step S406 is the same as the process from step S104 to step S105 in FIG. However, in step S406, if it is determined that the second authentication is successful, the process proceeds to step S407 instead of making the authentication successful.
 (ステップS401:信号取得処理)
 信号取得部21は、センサインタフェース13を介して接続された複数のセンサ31から、対象者の複数の生体信号を取得する。信号取得部21は、複数の生体信号をメモリ12に書き込む。 (Step S401: Signal acquisition process)
The signal acquisition unit 21 acquires a plurality of biological signals of the subject from the plurality of sensors 31 connected via the sensor interface 13. The signal acquisition unit 21 writes a plurality of biological signals to the memory 12.
 ここでは、複数の生体信号が取得されるが、ステップS402ではいずれか1つの生体信号から認証情報が生成されてもよいし、複数の生体信号から認証情報が生成されてもよい。同様に、ステップS403ではいずれか1つの生体信号から部位情報が生成されてもよいし、複数の生体信号から部位情報が生成されてもよい。なお、別の生体信号を用いて、認証情報と部位情報とを生成してもよい。 Here, a plurality of biological signals are acquired, but in step S402, the authentication information may be generated from any one biological signal, or the authentication information may be generated from a plurality of biological signals. Similarly, in step S403, the site information may be generated from any one biological signal, or the site information may be generated from a plurality of biological signals. In addition, authentication information and site information may be generated by using another biological signal.
 (ステップS404:生理指標生成処理)
 生理指標生成部26は、ステップS401で取得された複数の生体信号それぞれから同一の生理に関する生理指標を生成する。生理指標生成部26は、各生体信号から生成された生理指標をメモリ12に書き込む。 (Step S404: Physiological index generation process)
The physiological index generation unit 26 generates a physiological index related to the same physiology from each of the plurality of biological signals acquired in step S401. The physiological index generation unit 26 writes the physiological index generated from each biological signal into the memory 12.
 図18を参照して、生理指標の例を説明する。
 図18では、PPG計測センサによって対象者のPPGが計測されるとともに、圧電素子といった振動計測センサによって対象者の微小な振動が計測される。PPGからは心拍数及び呼吸数といった生理指標を取得できることが知られている。振動計測センサによって得られた微小な振動からも、心拍数及び呼吸数といった生理指標を取得できることが知られている。そこで、生理指標生成部26は、例えば、PPG及び微小な振動のそれぞれから心拍数を生理指標として生成することが考えられる。 An example of a physiological index will be described with reference to FIG.
In FIG. 18, the PPG of the subject is measured by the PPG measurement sensor, and the minute vibration of the subject is measured by a vibration measurement sensor such as a piezoelectric element. It is known that physiological indexes such as heart rate and respiratory rate can be obtained from PPG. It is known that physiological indexes such as heart rate and respiratory rate can be obtained from minute vibrations obtained by a vibration measurement sensor. Therefore, it is conceivable that the physiological index generation unit 26 generates the heart rate as a physiological index from each of PPG and minute vibration, for example.
 (ステップS407:第3認証処理)
 認証部24は、複数の生体信号それぞれから生成された生理指標を比較して、第3認証に成功したか失敗したかを判定する。
 具体的には、認証部24は、複数の生体信号それぞれから生成された生理指標の類似度が第3閾値以上である、又は、複数の生体信号それぞれから生成された生理指標の差が許容値以内であるといった条件を満たすか否かを判定する。認証部24は、条件を満たす場合には、第3認証に成功したと判定し、条件を満たさない場合には、第3認証に失敗したと判定する。
 認証部24は、第3認証に成功したと判定された場合には、認証成功として、処理を終了する。一方、認証部24は、第3認証に失敗したと判定された場合には、認証失敗として、処理を終了する。なお、第3認証に失敗したと判定された場合には、処理をステップS401に戻して、認証処理をやり直させてもよい。 (Step S407: Third authentication process)
The authentication unit 24 compares the physiological indexes generated from each of the plurality of biological signals, and determines whether the third authentication is successful or unsuccessful.
Specifically, in the authentication unit 24, the similarity of the physiological indicators generated from each of the plurality of biological signals is equal to or higher than the third threshold value, or the difference between the physiological indicators generated from each of the plurality of biological signals is an allowable value. It is determined whether or not the condition such as within is satisfied. If the condition is satisfied, the authentication unit 24 determines that the third authentication has succeeded, and if the condition is not satisfied, determines that the third authentication has failed.
If it is determined that the third authentication is successful, the authentication unit 24 considers the authentication successful and ends the process. On the other hand, if it is determined that the third authentication has failed, the authentication unit 24 determines that the authentication has failed and ends the process. If it is determined that the third authentication has failed, the process may be returned to step S401 and the authentication process may be redone.
 なお、第3認証に成功したか失敗したかを判定するための条件として、複数の生体信号それぞれから生成された生理指標と、生理指標の基準値との差が許容値以内かといった条件を含めてもよい。この場合には、図19に示すように、図17に示す処理を行う前提として、認証基準情報及び部位基準情報に加えて、生理指標の基準値を記憶しておく必要がある。具体的には、ステップS401からステップS404までの処理を実行して、ステップS404で生成された生理指標の平均値等が生理指標の基準値として記憶される。 In addition, as a condition for determining whether the third authentication succeeds or fails, a condition such as whether the difference between the physiological index generated from each of a plurality of biological signals and the reference value of the physiological index is within the allowable value is included. You may. In this case, as shown in FIG. 19, it is necessary to store the reference value of the physiological index in addition to the authentication reference information and the site reference information as a premise for performing the process shown in FIG. Specifically, the processes from step S401 to step S404 are executed, and the average value or the like of the physiological index generated in step S404 is stored as the reference value of the physiological index.
 なお、ステップS402からステップS404との実行順序と、ステップS405からステップS407との実行順序とは、図17に示す順序に限定されず、入れ替わってもよい。 The execution order from step S402 to step S404 and the execution order from step S405 to step S407 are not limited to the order shown in FIG. 17, and may be interchanged.
 ***実施の形態4の効果***
 以上のように、実施の形態4に係る認証装置10は、認証情報及び部位情報に加えて生理指標を用いて認証を行う。これにより、計測している対象が生体であることがある程度保証可能になる。また、複数のセンサ31で異なる物理量を計測するため、人工的な信号生成の手間及び難易度が高くなり、その結果なりすまし攻撃の難易度が高くなる。 *** Effect of Embodiment 4 ***
As described above, the authentication device 10 according to the fourth embodiment performs authentication using a physiological index in addition to the authentication information and the site information. This makes it possible to guarantee to some extent that the object to be measured is a living body. Further, since different physical quantities are measured by the plurality of sensors 31, the labor and difficulty of artificial signal generation become high, and as a result, the difficulty of spoofing attack becomes high.
 ***他の構成***
 <変形例7>
 変形例2と同様に、認証情報による第1認証と、部位情報による第2認証と、生理指標による第3認証とが複数回連続して成功した場合に、認証成功となるようにしてもよい。 *** Other configurations ***
<Modification 7>
Similar to the second modification, if the first authentication based on the authentication information, the second authentication based on the site information, and the third authentication based on the physiological index are successful a plurality of times in succession, the authentication may be successful. ..
 図20を参照して、変形例7に係る認証装置10の処理の流れを説明する。
 ステップS411からステップS417の処理は、図17のステップS401からステップS407の処理と同じである。但し、ステップS407では、認証部24は、第3認証に成功したと判定された場合には、処理をステップS418に進める。 With reference to FIG. 20, the flow of processing of the authentication device 10 according to the modification 7 will be described.
The process from step S411 to step S417 is the same as the process from step S401 to step S407 in FIG. However, in step S407, if it is determined that the third authentication is successful, the authentication unit 24 proceeds to step S418.
 (ステップS418:継続判定処理)
 認証部24は、第1認証と第2認証と第3認証との成功回数が基準回数に達したか否かを判定する。
 認証部24は、成功回数が基準回数に達した場合には、認証成功として、処理を終了する。一方、認証部24は、成功回数が基準回数に達していない場合には、処理をステップS411に戻す。 (Step S418: Continuation determination process)
The authentication unit 24 determines whether or not the number of successes of the first authentication, the second authentication, and the third authentication has reached the reference number of times.
When the number of successes reaches the reference number, the authentication unit 24 considers the authentication to be successful and ends the process. On the other hand, if the number of successes has not reached the reference number, the authentication unit 24 returns the process to step S411.
 なお、変形例2と同様に、2回目以降のステップS416では、認証部24は、部位情報が1回目に生成された部位情報と同じ部位についての部位情報であるか否かを判定してもよい。そして、認証部24は、条件を満たし、かつ、部位情報が1回目に生成された部位情報と同じ部位についての部位情報である場合には、第2認証に成功したと判定してもよい。 In addition, as in the modification 2, in the second and subsequent steps S416, the authentication unit 24 may determine whether or not the site information is the site information for the same site as the site information generated for the first time. good. Then, if the condition is satisfied and the site information is the site information about the same site as the site information generated for the first time, the authentication unit 24 may determine that the second authentication has been successful.
 なお、以上の説明における「部」を、「回路」、「工程」、「手順」、「処理」又は「処理回路」に読み替えてもよい。 Note that the "part" in the above description may be read as "circuit", "process", "procedure", "processing" or "processing circuit".
 以上、本開示の実施の形態及び変形例について説明した。これらの実施の形態及び変形例のうち、いくつかを組み合わせて実施してもよい。また、いずれか1つ又はいくつかを部分的に実施してもよい。なお、本開示は、以上の実施の形態及び変形例に限定されるものではなく、必要に応じて種々の変更が可能である。 The embodiments and modifications of the present disclosure have been described above. Some of these embodiments and modifications may be combined and carried out. In addition, any one or several may be partially carried out. The present disclosure is not limited to the above embodiments and modifications, and various modifications can be made as necessary.
 10 認証装置、11 プロセッサ、12 メモリ、13 センサインタフェース、14 表示器インタフェース、15 通信インタフェース、16 補助記憶装置、21 信号取得部、22 認証情報生成部、23 部位情報生成部、24 認証部、25 信号演算部、26 生理指標生成部、31 センサ。 10 authentication device, 11 processor, 12 memory, 13 sensor interface, 14 display interface, 15 communication interface, 16 auxiliary storage device, 21 signal acquisition unit, 22 authentication information generation unit, 23 part information generation unit, 24 authentication unit, 25 Signal calculation unit, 26 physiological index generation unit, 31 sensor.

Claims (11)

  1.  生体信号を取得する信号取得部と、
     前記信号取得部によって取得された前記生体信号から、生体の個体に応じて異なる認証情報を生成する認証情報生成部と、
     前記生体信号から、前記生体信号の取得部位に応じて異なる部位情報を生成する部位情報生成部と、
     前記認証情報生成部によって生成された前記認証情報と、前記部位情報生成部によって生成された前記部位情報とに基づき、認証を行う認証部と
    を備える認証装置。     A signal acquisition unit that acquires biological signals,
    An authentication information generation unit that generates different authentication information according to an individual living body from the biological signal acquired by the signal acquisition unit.
    A site information generation unit that generates different site information from the biological signal depending on the acquisition site of the biological signal.
    An authentication device including an authentication unit that performs authentication based on the authentication information generated by the authentication information generation unit and the site information generated by the site information generation unit.
  2.  前記認証部は、前記認証情報が基準を満たし、かつ、前記部位情報が基準を満たすか否かに応じて、認証に成功したか否かを判定する
    請求項1に記載の認証装置。     The authentication device according to claim 1, wherein the authentication unit determines whether or not the authentication is successful, depending on whether or not the authentication information satisfies the standard and the site information satisfies the standard.
  3.  前記信号取得部は、生体信号を時刻をずらして複数回取得し、
     前記部位情報生成部は、複数回取得された前記生体信号それぞれについて、前記部位情報を生成し、
     前記認証部は、複数回取得された前記生体信号それぞれについての前記部位情報が同じ部位についての部位情報であるか否かに応じて、認証に成功したか否かを判定する
    請求項2に記載の認証装置。     The signal acquisition unit acquires the biological signal a plurality of times at different times.
    The site information generation unit generates the site information for each of the biological signals acquired a plurality of times.
    According to claim 2, the authentication unit determines whether or not the authentication is successful, depending on whether or not the site information for each of the biological signals acquired a plurality of times is site information for the same site. Authentication device.
  4.  前記信号取得部は、複数の生体信号を取得し、
     前記認証装置は、さらに、
     前記複数の生体信号を入力として演算を行い複合信号を生成する信号演算部
    を備え、
     前記認証情報生成部は、前記信号演算部によって生成された前記複合信号から、前記認証情報を生成する
    請求項1又は2に記載の認証装置。     The signal acquisition unit acquires a plurality of biological signals and obtains them.
    The authentication device further
    It is provided with a signal calculation unit that performs calculations using the plurality of biological signals as inputs and generates a composite signal.
    The authentication device according to claim 1 or 2, wherein the authentication information generation unit generates the authentication information from the composite signal generated by the signal calculation unit.
  5.  前記信号取得部は、複数の生体信号を取得し、
     前記認証装置は、さらに、
     前記複数の生体信号を入力として演算を行い複合信号を生成する信号演算部
    を備え、
     前記部位情報生成部は、前記信号演算部によって生成された前記複合信号から、前記部位情報を生成する
    請求項1又は2に記載の認証装置。     The signal acquisition unit acquires a plurality of biological signals and obtains them.
    The authentication device further
    It is provided with a signal calculation unit that performs calculations using the plurality of biological signals as inputs and generates a composite signal.
    The authentication device according to claim 1 or 2, wherein the site information generation unit generates the site information from the composite signal generated by the signal calculation unit.
  6.  前記信号取得部は、複数の生体信号を時刻をずらして複数回取得し、
     前記信号演算部は、複数回取得された前記複数の生体信号について、それぞれ異なる演算方法によって演算を行い前記複合信号を生成する
    請求項4又は5に記載の認証装置。     The signal acquisition unit acquires a plurality of biological signals at different times and multiple times.
    The authentication device according to claim 4 or 5, wherein the signal calculation unit calculates the plurality of biological signals acquired a plurality of times by different calculation methods to generate the composite signal.
  7.  前記信号取得部は、センサ制御情報に応じた生体信号を取得し、
     前記認証部は、前記センサ制御情報に応じた基準を用いて、前記認証情報及び前記部位情報に基づき、認証を行う
    請求項1から6までのいずれか1項に記載の認証装置。     The signal acquisition unit acquires a biological signal according to the sensor control information, and obtains a biological signal.
    The authentication device according to any one of claims 1 to 6, wherein the authentication unit performs authentication based on the authentication information and the site information using a standard according to the sensor control information.
  8.  前記信号取得部は、時刻毎に異なるセンサ制御情報に応じた生体信号を、時刻をずらして複数回取得し、
     前記認証部は、複数回取得された生体信号それぞれを対象の生体信号として、前記対象の生体信号に対応する前記センサ制御情報に応じた基準を用いて、前記対象の生体信号についての前記認証情報及び前記部位情報に基づき、認証を行う
    請求項7に記載の認証装置。     The signal acquisition unit acquires biological signals corresponding to sensor control information that are different for each time, at different times, a plurality of times.
    The authentication unit uses each of the biometric signals acquired a plurality of times as the biometric signal of the target, and uses the reference corresponding to the sensor control information corresponding to the biometric signal of the target to obtain the authentication information of the biometric signal of the target. The authentication device according to claim 7, wherein the authentication is performed based on the site information.
  9.  前記信号取得部は、複数の生体信号を取得し、
     前記認証装置は、さらに、
     前記複数の生体信号それぞれから同一の生理に関する生理指標を生成する生理指標生成部
    を備え、
     前記認証部は、前記生理指標生成部によって前記複数の生体信号それぞれから生成された前記生理指標を比較して、認証を行う
    請求項1から8までのいずれか1項に記載の認証装置。     The signal acquisition unit acquires a plurality of biological signals and obtains them.
    The authentication device further
    It is provided with a physiological index generation unit that generates a physiological index related to the same physiology from each of the plurality of biological signals.
    The authentication device according to any one of claims 1 to 8, wherein the authentication unit compares the physiological indexes generated from each of the plurality of biological signals by the physiological index generation unit, and performs authentication.
  10.  信号取得部が、生体信号を取得し、
     認証情報生成部が、前記生体信号から、生体の個体に応じて異なる認証情報を生成し、
     部位情報生成部が、前記生体信号から、前記生体信号の取得部位に応じて異なる部位情報を生成し、
     認証部が、前記認証情報と前記部位情報とに基づき、認証を行う認証方法。     The signal acquisition unit acquires the biological signal and
    The authentication information generation unit generates different authentication information from the biological signal according to the individual of the living body.
    The site information generation unit generates different site information from the biological signal according to the acquisition site of the biological signal.
    An authentication method in which an authentication unit performs authentication based on the authentication information and the site information.
  11.  生体信号を取得する信号取得処理と、
     前記信号取得処理によって取得された前記生体信号から、生体の個体に応じて異なる認証情報を生成する認証情報生成処理と、
     前記生体信号から、前記生体信号の取得部位に応じて異なる部位情報を生成する部位情報生成処理と、
     前記認証情報生成処理によって生成された前記認証情報と、前記部位情報生成処理によって生成された前記部位情報とに基づき、認証を行う認証処理と
    を行う認証装置としてコンピュータを機能させる認証プログラム。     Signal acquisition processing to acquire biological signals and
    Authentication information generation processing that generates authentication information that differs depending on the individual of the living body from the biological signal acquired by the signal acquisition processing, and
    A site information generation process that generates different site information from the biological signal depending on the site where the biological signal is acquired.
    An authentication program that causes a computer to function as an authentication device that performs an authentication process for performing authentication based on the authentication information generated by the authentication information generation process and the site information generated by the site information generation process.
PCT/JP2020/048990 2020-12-25 2020-12-25 Authentication device, authentication method, and authentication program WO2022137571A1 (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
JP2021526815A JP6983365B1 (en) 2020-12-25 2020-12-25 Authentication device, authentication method and authentication program
CN202080108030.8A CN116601627A (en) 2020-12-25 2020-12-25 Authentication device, authentication method, and authentication program
DE112020007726.8T DE112020007726T5 (en) 2020-12-25 2020-12-25 AUTHENTICATION DEVICE, AUTHENTICATION METHOD AND AUTHENTICATION PROGRAM
PCT/JP2020/048990 WO2022137571A1 (en) 2020-12-25 2020-12-25 Authentication device, authentication method, and authentication program
US18/139,729 US20230259599A1 (en) 2020-12-25 2023-04-26 Authentication device, authentication method, and computer readable medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2020/048990 WO2022137571A1 (en) 2020-12-25 2020-12-25 Authentication device, authentication method, and authentication program

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US18/139,729 Continuation US20230259599A1 (en) 2020-12-25 2023-04-26 Authentication device, authentication method, and computer readable medium

Publications (1)

Publication Number Publication Date
WO2022137571A1 true WO2022137571A1 (en) 2022-06-30

Family

ID=79170067

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2020/048990 WO2022137571A1 (en) 2020-12-25 2020-12-25 Authentication device, authentication method, and authentication program

Country Status (5)

Country Link
US (1) US20230259599A1 (en)
JP (1) JP6983365B1 (en)
CN (1) CN116601627A (en)
DE (1) DE112020007726T5 (en)
WO (1) WO2022137571A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP7101922B1 (en) * 2021-12-24 2022-07-15 三菱電機株式会社 Biometric device, biometric method and biometric program

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008073462A (en) * 2006-09-25 2008-04-03 Seiko Instruments Inc Authentication apparatus and method
US20190050064A1 (en) * 2015-08-07 2019-02-14 Fitbit, Inc. User identification via motion and heartbeat waveform data
US20200064921A1 (en) * 2016-11-16 2020-02-27 Samsung Electronics Co., Ltd. Electronic device and control method thereof

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4953235B2 (en) * 2006-09-25 2012-06-13 セイコーインスツル株式会社 Authentication apparatus and authentication method
JP2014239737A (en) * 2013-06-11 2014-12-25 株式会社ジェイテクト Personal authentication apparatus and personal authentication system for vehicle
JP6673213B2 (en) 2014-10-29 2020-03-25 日本電気株式会社 Biometric authentication device and biometric authentication method
JP7060449B2 (en) * 2018-05-29 2022-04-26 株式会社日立製作所 Biometric system, biometric method, and biometric program

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008073462A (en) * 2006-09-25 2008-04-03 Seiko Instruments Inc Authentication apparatus and method
US20190050064A1 (en) * 2015-08-07 2019-02-14 Fitbit, Inc. User identification via motion and heartbeat waveform data
US20200064921A1 (en) * 2016-11-16 2020-02-27 Samsung Electronics Co., Ltd. Electronic device and control method thereof

Also Published As

Publication number Publication date
DE112020007726T5 (en) 2023-08-10
JPWO2022137571A1 (en) 2022-06-30
CN116601627A (en) 2023-08-15
US20230259599A1 (en) 2023-08-17
JP6983365B1 (en) 2021-12-17

Similar Documents

Publication Publication Date Title
JP6651565B2 (en) Biometric template security and key generation
US10885306B2 (en) Living body detection method, system and non-transitory computer-readable recording medium
US8925058B1 (en) Authentication involving authentication operations which cross reference authentication factors
EP2997719B1 (en) System and method for authorizing access to access-controlled environments
US9003196B2 (en) System and method for authorizing access to access-controlled environments
JP2011159035A (en) Biometric authentication apparatus, biometric authentication method and program
CN105518710B (en) Video detecting method, video detection system and computer program product
CN107277053A (en) Auth method, device and mobile terminal
WO2017215533A1 (en) Biological characteristic recognition device and method and biological characteristic template registration method
CN106878344A (en) A kind of biological characteristic authentication, register method and device
CN113614731A (en) Authentication verification using soft biometrics
Hosseini Fingerprint vulnerability: A survey
WO2022137571A1 (en) Authentication device, authentication method, and authentication program
US20200028844A1 (en) System and method for performing user authentication
Zhong et al. VeinDeep: Smartphone unlock using vein patterns
Abdulkader et al. Authentication systems: Principles and threats
CN112769872B (en) Conference system access method and system based on audio and video feature fusion
CN110909704A (en) Living body detection method and device, electronic equipment and storage medium
Li et al. SigA: rPPG-based Authentication for Virtual Reality Head-mounted Display
KR20200041636A (en) Method for Extracting Biometric Information Pattern using a Fingerprint and Finger Vein
JP7101922B1 (en) Biometric device, biometric method and biometric program
Zhumazhanova The problem of biometric identification of a subject and subject's changed state: perspectives of new features application in analysis of face and neck thermograms
WO2019113765A1 (en) Face and electrocardiogram-based payment authentication method and terminal
CN109299945B (en) Identity verification method and device based on biological recognition algorithm
CN110321758A (en) The risk management and control method and device of living things feature recognition

Legal Events

Date Code Title Description
ENP Entry into the national phase

Ref document number: 2021526815

Country of ref document: JP

Kind code of ref document: A

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20967056

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 202080108030.8

Country of ref document: CN

122 Ep: pct application non-entry in european phase

Ref document number: 20967056

Country of ref document: EP

Kind code of ref document: A1